openssl把证书变成pkcs12格式
openssl把证书变成pkcs12格式需求只有kubeconfig,java如何使用它把变成证书呢?变成证书又怎么调用k8s的api呢?1. 变成证书kubeconfig_to_cert.sh# cat kubeconfig_to_cert.shexport clientcert=$(grep client-cert ~/.kube/config |cut -d" " -f 6)echo $cl
·
openssl把证书变成pkcs12格式
需求
只有kubeconfig,java如何使用它把变成证书呢?变成证书又怎么调用k8s的api呢?
1. 变成证书
kubeconfig_to_cert.sh
# cat kubeconfig_to_cert.sh
export clientcert=$(grep client-cert ~/.kube/config |cut -d" " -f 6)
echo $clientcert
export clientkey=$(grep client-key-data ~/.kube/config |cut -d" " -f 6)
echo $clientkey
export certauth=$(grep certificate-authority-data ~/.kube/config |cut -d" " -f 6)
echo $certauth
echo $clientcert | base64 -d > ./client.pem
echo $clientkey | base64 -d > ./client-key.pem
echo $certauth | base64 -d > ./ca.pem
# kubectl config view |grep server
IP=$(kubectl config view |grep server | cut -d ' ' -f 6)
curl --cert ./client.pem \
--key ./client-key.pem \
--cacert ./ca.pem \
${IP}/api/v1/namespaces
这样就有证书了
drwxr-x--- 15 xiaoyu staff 480 7 18 18:34 .
drwxr-xr-x+ 56 xiaoyu staff 1792 7 18 20:19 ..
-rw-r--r-- 1 xiaoyu staff 2677 7 18 18:29 ca.pem
drwxr-x--- 4 xiaoyu staff 128 5 6 20:44 cache
-rw-r--r-- 1 xiaoyu staff 1679 7 18 18:29 client-key.pem
-rw-r--r-- 1 xiaoyu staff 1294 7 18 18:29 client.pem
-rw-r--r--@ 1 xiaoyu staff 8899 7 18 14:56 config
drwxr-x--- 172 xiaoyu staff 5504 7 16 19:49 http-cache
-rw-r--r-- 1 xiaoyu staff 587 7 14 21:25 kubeconfig_to_cert.sh
x
2. 证书变成java使用的证书
openssl pkcs12 -name "xiaolixi" -export -out xiaolixi.p12 -inkey client-key.pem -in client.pem -certfile ca.pem
3. 调用k8s api
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
0
0- 0
已为社区贡献4条内容
所有评论(0)