首页 > 其他分享 >k8s证书相关

k8s证书相关

时间:2023-12-12 16:57:35浏览次数:32  
标签:证书 admin pem cert ----- 相关 k8s csr

 

1、cfssl 字签证书

查看证书

可以使用以下命令查询CFSSL证书是否过期:

复制代码
  cfssl certinfo -cert <certificate_file>

其中,<certificate_file>为证书文件路径。执行该命令后,会输出证书的相关信息,包括有效期等信息。可以根据输出结果判断证书是否过期。

[root@mcwk8s03 ~]# ls k8s/
apiserver.sh  controller-manager.sh  etcd-cert  etcd-v3.3.10-linux-amd64         k8s-cert  kubeconfig  scheduler.sh
cfssl.sh      dashboard              etcd.sh    etcd-v3.3.10-linux-amd64.tar.gz  k8sPkg    master.zip
[root@mcwk8s03 ~]# ls k8s/k8s-cert/
admin.csr       admin-key.pem  ca-config.json  ca-csr.json  ca.pem       kube-proxy.csr       kube-proxy-key.pem  server.csr       server-key.pem
admin-csr.json  admin.pem      ca.csr          ca-key.pem   k8s-cert.sh  kube-proxy-csr.json  kube-proxy.pem      server-csr.json  server.pem
[root@mcwk8s03 ~]# ls k8s/k8s-cert/admin.pem 
k8s/k8s-cert/admin.pem
[root@mcwk8s03 ~]# cat k8s/k8s-cert/admin.pem
-----BEGIN CERTIFICATE-----
MIID3TCCAsWgAwIBAgIUHcAlsTUuMsxXSUMfH6vwkkrPEawwDQYJKoZIhvcNAQEL
BQAwZTELMAkGA1UEBhMCQ04xEDAOBgNVBAgTB0JlaWppbmcxEDAOBgNVBAcTB0Jl
aWppbmcxDDAKBgNVBAoTA2s4czEPMA0GA1UECxMGU3lzdGVtMRMwEQYDVQQDEwpr
dWJlcm5ldGVzMB4XDTIyMTAzMDE0MzUwMFoXDTMyMTAyNzE0MzUwMFowazELMAkG
A1UEBhMCQ04xEDAOBgNVBAgTB0JlaUppbmcxEDAOBgNVBAcTB0JlaUppbmcxFzAV
BgNVBAoTDnN5c3RlbTptYXN0ZXJzMQ8wDQYDVQQLEwZTeXN0ZW0xDjAMBgNVBAMT
BWFkbWluMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZPiaixPbzol
IY2bHtP7sPcjUXJSbNanKN4qhJQGibkxZ5pwQwP3PcY1Q79Fl0LjKeQ+YvwzwWaT
MswKB7QR/PRjOOvaUygmF8qwbvijMUApvu6z3REfOPIJeu0vMmGFb5iiRwbZclcL
Ff4riyrtbs25gfo3JsF3vh5t5+4IG1fvlVf0T06dOktUBCmqmKycHOMCp1tJoV0E
tzyWnQKUPoP71aNbk1oU8f1Eg4NmFlL6UVXYQZDnIZaKJ7O2vGj3bQThWiehxC7y
wAgZuwz30iJw1I2tGmgf4i9p9lv0DQ3g6HFIadWJYgHYPRlXNAm6HO2N0WWVIYel
3ZJAKT0PaQIDAQABo38wfTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB
BQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFO7V365a/fm6
+hcVuVlGyiSb4g7DMB8GA1UdIwQYMBaAFO/yGGdgmXzM94RUS8znMA8lM4WIMA0G
CSqGSIb3DQEBCwUAA4IBAQDEqAVIptH/HoE6y2YzlWhd+lmt6FVkYhJadSGpxI0N
AgGS3MS8IWrQ1xjM+nkT9FvliZFesN5FGALEOlgmBzuFsRiGKNl9gGDUdNx079Qo
AUkdf25ONxqbhx5Vy9okz46Vh2AdnswDKYZAuGXkR+KlAUt9z7ApDAphRPNwCvbQ
teV/KsJTQy35y9IEazYeQ9+8SiszDTo8puoaCuYESR9okEga2pkMHbUSPJ6rtk5H
Mj/elP/UObP8iFp4K6gwW4kAYIJvuIpQiFyv2Tm9CIKsT+wme10aQ3UR7DHvWfF1
gi9N6yywrAVAjlzdTRZ6/zRAkjxrcl3CVtqdYNb3MidC
-----END CERTIFICATE-----
[root@mcwk8s03 ~]# cfssl certinfo -cert k8s/k8s-cert/admin.pem
{
  "subject": {
    "common_name": "admin",
    "country": "CN",
    "organization": "system:masters",
    "organizational_unit": "System",
    "locality": "BeiJing",
    "province": "BeiJing",
    "names": [
      "CN",
      "BeiJing",
      "BeiJing",
      "system:masters",
      "System",
      "admin"
    ]
  },
  "issuer": {
    "common_name": "kubernetes",
    "country": "CN",
    "organization": "k8s",
    "organizational_unit": "System",
    "locality": "Beijing",
    "province": "Beijing",
    "names": [
      "CN",
      "Beijing",
      "Beijing",
      "k8s",
      "System",
      "kubernetes"
    ]
  },
  "serial_number": "169845758887256605723302231706311763439890928044",
  "not_before": "2022-10-30T14:35:00Z",
  "not_after": "2032-10-27T14:35:00Z",
  "sigalg": "SHA256WithRSA",
  "authority_key_id": "EF:F2:18:67:60:99:7C:CC:F7:84:54:4B:CC:E7:30:F:25:33:85:88",
  "subject_key_id": "EE:D5:DF:AE:5A:FD:F9:BA:FA:17:15:B9:59:46:CA:24:9B:E2:E:C3",
  "pem": "-----BEGIN CERTIFICATE-----\nMIID3TCCAsWgAwIBAgIUHcAlsTUuMsxXSUMfH6vwkkrPEawwDQYJKoZIhvcNAQEL\nBQAwZTELMAkGA1UEBhMCQ04xEDAOBgNVBAgTB0JlaWppbmcxEDAOBgNVBAcTB0Jl\naWppbmcxDDAKBgNVBAoTA2s4czEPMA0GA1UECxMGU3lzdGVtMRMwEQYDVQQDEwpr\ndWJlcm5ldGVzMB4XDTIyMTAzMDE0MzUwMFoXDTMyMTAyNzE0MzUwMFowazELMAkG\nA1UEBhMCQ04xEDAOBgNVBAgTB0JlaUppbmcxEDAOBgNVBAcTB0JlaUppbmcxFzAV\nBgNVBAoTDnN5c3RlbTptYXN0ZXJzMQ8wDQYDVQQLEwZTeXN0ZW0xDjAMBgNVBAMT\nBWFkbWluMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZPiaixPbzol\nIY2bHtP7sPcjUXJSbNanKN4qhJQGibkxZ5pwQwP3PcY1Q79Fl0LjKeQ+YvwzwWaT\nMswKB7QR/PRjOOvaUygmF8qwbvijMUApvu6z3REfOPIJeu0vMmGFb5iiRwbZclcL\nFf4riyrtbs25gfo3JsF3vh5t5+4IG1fvlVf0T06dOktUBCmqmKycHOMCp1tJoV0E\ntzyWnQKUPoP71aNbk1oU8f1Eg4NmFlL6UVXYQZDnIZaKJ7O2vGj3bQThWiehxC7y\nwAgZuwz30iJw1I2tGmgf4i9p9lv0DQ3g6HFIadWJYgHYPRlXNAm6HO2N0WWVIYel\n3ZJAKT0PaQIDAQABo38wfTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB\nBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFO7V365a/fm6\n+hcVuVlGyiSb4g7DMB8GA1UdIwQYMBaAFO/yGGdgmXzM94RUS8znMA8lM4WIMA0G\nCSqGSIb3DQEBCwUAA4IBAQDEqAVIptH/HoE6y2YzlWhd+lmt6FVkYhJadSGpxI0N\nAgGS3MS8IWrQ1xjM+nkT9FvliZFesN5FGALEOlgmBzuFsRiGKNl9gGDUdNx079Qo\nAUkdf25ONxqbhx5Vy9okz46Vh2AdnswDKYZAuGXkR+KlAUt9z7ApDAphRPNwCvbQ\nteV/KsJTQy35y9IEazYeQ9+8SiszDTo8puoaCuYESR9okEga2pkMHbUSPJ6rtk5H\nMj/elP/UObP8iFp4K6gwW4kAYIJvuIpQiFyv2Tm9CIKsT+wme10aQ3UR7DHvWfF1\ngi9N6yywrAVAjlzdTRZ6/zRAkjxrcl3CVtqdYNb3MidC\n-----END CERTIFICATE-----\n"
}
[root@mcwk8s03 ~]# 

疑问:其它工具生成的证书,是否也可以用这个工具来查询到信息呢,应该是可以的吧,它跟什么生成的没关系,应该跟文件格式有关系吧。

 

标签:证书,admin,pem,cert,-----,相关,k8s,csr
From: https://www.cnblogs.com/machangwei-8/p/17897282.html

相关文章

  • 浏览器中导出导入证书,https网站报非安全链接
    1、查看证书信息2、点击“网站非安全链接”3、点击“证书信息”,然后导出。4、保存证书至文件夹5、打卡Internet选项,找到内容-证书6、找到“受信任的根证书颁发机构”点击导入。7、找到导出的证书文件,导入即可。......
  • 时间戳相关操作
    时间戳相关操作格式化DATE_FORMAT(submit_time,'%Y%m')#Y:完整年#y:年份的后2位日期差1.TIMESTAMPDIFF#第二个参数-第一个参数SELECTTIMESTAMPDIFF(MONTH,'2012-10-01','2013-01-13');2.DATEDIFF#第一个参数-第二个参数SELECTDATEDIFF('2013-01-13'......
  • 【教程】制作 iOS 推送证书
    ​ 【教程】制作iOS推送证书如需向iOS设备推送数据,您首先需要在消息推送控制台上配置iOS推送证书。iOS推送证书用于推送通知,本文将介绍消息推送服务支持的证书类型,并引导您制作iOS推送证书。证书类型消息推送服务仅支持ApplePushService类型的证书。有关苹果证......
  • PMP-5.4.1 获取资源相关文件-实物资源分配单、项目团队派工单、资源日历
    一、实物资源分配单1.X轴(内容)实物资源分配单记录了项目将使用的(1)材料(2)设备(3)用品(4)地点(5)其他实物资源2.Y轴(属性)​实物资源分配描述了资源的预期使用情况以及资源的详细信息,例如(1)类型(2)数量(3)地点(4)属于组织内部资源还是外购资源 实物资源分配单是动态的,会因......
  • CUDA相关问题总结
    能对__global__cuda的核函数使用std::function吗答:在CUDA中,global函数是在GPU上执行的核函数,它们的参数和返回值类型在编译时是确定的。std::function是C++标准库中的一个函数包装器,它允许将函数或可调用对象作为参数传递给其他函数。然而,在CUDA中,由于GPU和主机运行......
  • window生成https证书
    window生成https证书参考:https://blog.csdn.net/qq_36279445/article/details/79447512最近研究webrtc,这个只能localhost和https调用getUserMedia,无奈之下,只能自己配置https了安装openssl下载地址http://gnuwin32.sourceforge.net/packages/openssl.htm随便一个下......
  • App备案与iOS云管理式证书 ,公钥及证书SHA-1指纹的获取方法
    iOS备案查看信息iOS平台BundleID公钥证书SHA-1指纹IOS平台服务器域名获取BundleID:或者https://developer.apple.com/account/resources/identifiers/list获取公钥与签名SHA1值:https://developer.apple.com/account/resources/certificates/list......
  • 百度图像增强与特效相关功能总结
    了解百度图像增强与特效相关功能并进行总结(占20%)。图像增强功能:去噪处理: 提供去除图像中噪点的功能,使图像更清晰。锐化处理: 增强图像的边缘,使细节更加突出。亮度调整: 允许调整图像的亮度,以改善图像的整体可视效果。对比度调整: 提供对比度调整功能,增强图像中颜色的对比度。图......
  • WebService相关资料
    问题:如图,VS2022新建项目时没有“ASP.NETWeb应用程序(.NETFramework)”的选项 解决方法:点击跳转至修改安装选项界面 选择安装该项即可: ......
  • 【APP小程序测试】APP抓包Frida反代理绕过和证书校验绕过
    前期准备逍遥模拟器Burp(抓包)测试APPfridawiresharkr0capture反代理和证书校验绕过解决app证书校验无法抓包问题使用工具:FridaFirda是一款易用的跨平Hook工具,Java层到Native层的Hook无所不能,是一种动态的插桩工具,可以插入代码到原生App的内存空间中,动态的......