Description of problem: When 'oc login --certificate-authority=<CA file>' and then 'oc get bc --insecure-skip-tls-verify', the latter oc operation fails. Reverse the order, it also fails. Version-Release number of selected component (if applicable): oc v3.0.2.901-61-g568adb6 kubernetes v1.1.0-alpha.1-653-g86b4e77 How reproducible: Always. Steps to Reproduce: 1. Start openshift 2. oc login with CA and create project $ SERVER=https://openshift-146.lab.eng.nay.redhat.com:8443 $ oc login --server=$SERVER --certificate-authority=openshift.local.config/master/ca.crt -u xxia -p redhat $ oc new-proj xxia-proj 3. Check the config $ oc config view 4. Test oc command with --insecure-skip-tls-verify when config uses CA $ oc get bc --insecure-skip-tls-verify=true 5. oc login with --insecure-skip-tls-verify 1> $ rm -f ~/.kube/config 2> $ oc login --server=$SERVER --insecure-skip-tls-verify=true -u xxia -p redhat 6. Check the config again $ oc config view 7. Test oc command with CA $ oc get bc --certificate-authority=openshift.local.config/master/ca.crt Actual results: 3. The cluster info uses CA 4. Outputs error: error: specifying a root certificates file with the insecure flag is not allowed 6. The cluster info uses insecure-skip-tls-verify 7. Outputs error: error: specifying a root certificates file with the insecure flag is not allowed Expected results: 4. and 7. Should succeed. Command line options take precedence over configuration file values Additional info: Checked step 4 and 7 in Openshift Origin works ok. Refer to https://docs.openshift.org/latest/cli_reference/manage_cli_profiles.html#loading-and-merging-rules
Closing due to age.