There is an application (Java) deployed in OpenShift. The istio-ingress-gateway is also configured. My task is to call my service using the https protocol with mTLS. At the moment, I have the following settings in the ingress-gateway in the tls block:
caCertificates: somePath/ca.pem
mode: MUTUAL
privateKey: somePath/tls.key
serverCertificate: somePath/tls.crt
I want to call my service through Google Chrome / Postman / curl, as I understand it, for this I need to generate a client certificate based on the certificates specified in openshift and put it in the calling client. My question is how can I generate a client certificate from this and how can I put it on the caller?
it's work for browser - openssl pkcs12 -export -out cert.pfx -inkey tls.key -in tls.crt -certfile ca.pem - don't forget import cert.pfx to windows
For Curl - 'cu r l https://mTLSHost -k --key./tls.key --cert./tls.crt'
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.