Created
July 24, 2018 21:02
-
-
Save GauntletWizard/fb482d61f9151763d332bf1e0994307b to your computer and use it in GitHub Desktop.
OSX Security for k8s
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Notes on connecting | |
| # Trust the k8s root certificate | |
| security -v add-trusted-cert -k "${HOME}/Library/Keychains/login.keychain-db" -r trustRoot "${KUBE_CERT}" | |
| # Generate a user key and `security import` it | |
| openssl genrsa -out "${CLIENTCERTKEY}" 4096 | |
| security import "${CLIENTCERTKEY}" | |
| # Set for OSX | |
| # Get the sha | |
| # security find-cert -a -c ted -Z | |
| # openssl x509 -noout -fingerprint -in ~/.kube/ted.kube-prod.secrethouse.party.crt | |
| security set-identity-preference -s https://api.kubernetes.server -Z "${CERTSHA}" | |
| # Set for chrome | |
| # AutoSelectCertificateForUrls ? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment