stackoom
  简体   繁体   中英

How to generate valid certificates for instances created from GCE instance templates?

 原文  2016-04-15 08:02:03       certificate/ ssl-certificate/ google-compute-engine/ kubernetes

Question

I am generating Google Compute Engine instances from instance templates . The problem is I need to create certificates for each instance, and certificates need to be for each instance's hostname. Now, instance hostnames contain a random part, f.ex. staging-node-ntsr.c.example.internal . How can I generate certificates that correspond to these dynamically generated hostnames?

I use cfssl to generate certificates, my command line looks like this: 

cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=client-server worker.json | cfssljson -bare worker-client

The context is that I need to TLS secure my Kubernetes nodes.

1 answers

solution1
 0 ACCPTED  2016-04-16 10:40:24

通过在启动时在每个实例上生成证书来解决此问题,因为那时我知道每个实例的各种地址。

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Grizzly/Jersey: Generate keystore from certificates How generate CSR for wildcard multidomain certificates How to create certificates for multiple instances of a Docker container using Docker secrets? How to access a certifciate with error: "Unable to retrieve certificates because the thumbprint is not valid" ios Parse APNS no certificates - certificates not valid How can I create an automated test for valid WIndows installer certificates? How to extract leaf certificates from PKCS #7 files How to read certificates from my certificate store? Are Comodo's code signing certificates valid? creating valid test SSL certificates for IIS
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM