I am currently testing Tanzu and when we try to deploy a pod from an external Harbor install we are getting an x509 error.

Error:  Error: Failed to resolve on node <esxi host name>. Reason: Http request failed. Code 400: ErrorType(3) failed to do request: Head "https://tanzu-harbor.gmu.edu/v2/ubi8/ubi8/manifests/latest": x509: certificate signed by unknown authority. To trust certificates signed by custom CA, CA certificate must be added to 'image-fetcher-ca-bundle' configmap in 'kube-system' namespace: ErrImagePull

I have update the imager-fetcher-ca-bundle using "kubectl edit configmap image-fetcher-ca-bundle -n kube-system", but the CA cert does not apply.   

Would like to know if I am missing something.  

Thanks