Skip to content

Release 0.17.3

This patch release makes the console’s OIDC redirect URI configurable and lets you import custom CA certificates into the API’s default truststore.

For new installations, see the Installation guide.

For upgrading existing installations, see the associated Upgrading to 0.17.x guide.

The console’s OIDC redirect URI is now configurable through console.config.security.oidc.redirectUri. It defaults to the current origin, so existing installations are unaffected, and you can set it to a full URI when your provider requires a dedicated callback path.

Custom CA certificates can now be imported into the API’s default truststore. Provide the PEM-encoded certificates in a Kubernetes Secret and reference it through api.config.tls.customCaCertificates.secretName, and the API merges them into the JVM’s default truststore on startup. This resolves PKIX path building failed errors when the OIDC provider or another TLS endpoint uses a private or internal CA.

For a full list of changes, see the Changelog.