Answer the question
In order to leave comments, you need to log in
N
N
Nikolay Baranenko2021-03-03 10:09:40
Nikolay Baranenko, 2021-03-03 10:09:40
How to validate k8s certificates for version 1.12.3?
Hello.
There is a kubernetes cluster of 3 master nodes, 5 work nodes, 3 etcd nodes.
the time has come to update the certificates.
Everything would be fine, but the version of k8s is v1.12.3
, in general, as in 1.15
kubeadm certs check-expiration
, it will not be possible to use it, I
found another option
echo | openssl s_client -showcerts -connect master_node1:6443 -servername api 2>/dev/null | openssl x509 -noout -enddatewill it be enough?
1 answer(s)
@mureevms
M
mureevms, 2021-03-03 @mureevms
Just checking is enough. It will be more convenient to make a loop:
for DOMAIN in host1.com host2.com host3.com
do
DOMAIN_EXPIRES=$(echo | openssl s_client -connect $DOMAIN:443 2>/dev/null | openssl x509 -noout -dates | grep notAfter | awk -F= '{print $2}')
echo $DOMAIN: $DOMAIN_EXPIRES
done
Similar questions
2
C
E
T
E
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question