How to create client-cert and key from K8s config file

283 Views Asked by Ahmed K Madani At 01 August 2023 at 19:13

I have created a cluster using K3s and I have gotten config file below

apiVersion: v1
    clusters:
    - cluster:
        certificate-authority-data: XX_REPLACE_WITH_YOUR_CERTIFICATE_AUTHORITY_DATA_XX
        server: https://XX_REPLACE_WITH_YOUR_CLUSTER_IP_XX:6443
      name: default
    contexts:
    - context:
        cluster: default
        user: default
      name: default
    current-context: default
    kind: Config
    preferences: {}
    users:
    - name: default
      user:
        client-certificate-data: XX_REPLACE_WITH_YOUR_CLIENT_CERTIFICATE_DATA_XX
        client-key-data: XX_REPLACE_WITH_YOUR_CLIENT_KEY_DATA_XX

I want to connect the cluster using postman for example

https://{ClusterIP}:6443/api/v1/namespaces/nginx/configmaps/app-config

but in a secure way I need to generate a cert and key in .pem format how to do that ?

Original Q&A

There are 1 best solutions below

larsks On 01 August 2023 at 19:42

If you are asking about extracting certificates from the configuration file (it's a little unclear from your question):

The certificate and key in your kubeconfig file are already in .pem format; you just need to extract the data. Using yq, you can do this to get the certificate:

yq -r '.users[]|select(.name="default").user."client-certificate-data"|@base64d' example.yaml  > cert.pem

And to get the key:

yq -r '.users[]|select(.name="default").user."client-key-data"|@base64d' example.yaml  > key.pem

How to create client-cert and key from K8s config file

There are 1 best solutions below

Related Questions in KUBERNETES

Related Questions in K3S

Related Questions in KUBE-APISERVER

Trending Questions

Popular # Hahtags

Popular Questions