Merge pull request #36936 from bergerhoffer/BZ-1992431

bergerhoffer · web-flow · commit d80990986a93 · 2021-09-30T11:39:27.000-04:00
BZ-1992431: Adding note about self-signed certs
diff --git a/modules/oauth-customizing-the-oauth-server-URL.adoc b/modules/oauth-customizing-the-oauth-server-URL.adoc
@@ -13,8 +13,9 @@ If you update the internal OAuth server URL, you might break trust from componen
 
 [source,terminal]
 ----
-$ oc login -u <username> -p <password> --certificate-authority=<path_to_ca.crt>
+$ oc login -u <username> -p <password> --certificate-authority=<path_to_ca.crt> <1>
 ----
+<1> For self-signed certificates, the `ca.crt` file must contain the custom CA certificate, otherwise the login will not succeed.
 
 The Cluster Authentication Operator publishes the OAuth server's serving certificate in the `oauth-serving-cert` config map in the `openshift-config-managed` namespace. You can find the certificate in the `data.ca-bundle.crt` key of the config map.
 ====
