While integrating endpoint with openID connect using on-premise Keycloak using self-sign certificate.
I keep getting HTTP 401 Unauthorized.
In the logs:
level=warning msg="JWT Invalid: Validation error. Validation error. Failure while contacting the configuration endpoint https://keycloak:9443/auth/realms/my-realm/.well-known/openid-configuration.
 First request, please do not swallow the error. I only found out that the cause is actually
Get https://keycloak:9443/auth/realms/my-realm/.well-known/openid-configuration: x509: certificate signed by unknown authority after adding some extra debug logs.
 To solve no.1 I need feature to allow me to add additional CA to the TLSConfig.
…/tyk/vendor/github.com/TykTechnologies/openid2go/openid/middleware.go #25 is using http.Get which use http.DefaultClient.Get