Kostas Demiris

Reputation: 3611

How to use a .pfx certificate in Kubernetes?

I have a .pfx file that a Java container needs to use.

I have created a tls secret using the command

kubectl create secret tls secret-pfx-key --dry-run=client --cert tls.crt --key tls.key -o yaml

apiVersion: v1
kind: Secret
type: kubernetes.io/tls
metadata:
  name     : secret-pfx-key
  namespace: default
data:
  #cat tls.crt | base64
  tls.crt: base64-gibberish....
  #cat tls.key | base64
  tls.key: base64-gibberish....

However, now I cannot understand how to use it. When I add the secret as a volume in the pod, I can see the two files that are created. But I need the combination of the two in one .pfx file.

Am I missing something? Thanks.

Note: I have read the related Stack Overflow questions but could not understand how to use it.

Upvotes: 1

Views: 4229

Answers (1)

gohm'c

Reputation: 15490

You can convert to pfx first, then

kubectl create secret generic mypfx --from-file=pfx-cert=<converted pfx file>

Mount the secret as a volume in your pod:

apiVersion: v1
kind: Pod
metadata:
  name: test-mypfx
spec:
  restartPolicy: OnFailure
  volumes:
  - name: pfx-volume
    secret:
      secretName: mypfx
  containers:
  - name: busybox
    image: busybox
    command: ["ash","-c","cat /path/in/the/container/pfx-cert; sleep 5"]
    volumeMounts:
    - name: pfx-volume
      mountPath: /path/in/the/container

The above example dumps the cert, waits for 5s and exits.

Upvotes: 3
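The "convert to pfx first" step and the secret creation from the answer above, as an added example that is not part of the original answer. The function names, the `server` alias, the `PFX_PASSWORD` variable and the output file name are assumptions; the secret name `mypfx` and key `pfx-cert` are the ones used in the answer.

```shell
#!/bin/sh
# Added example (not from the original answer): bundle the PEM pair from the
# question into a PKCS#12 (.pfx) file and store it as a generic Secret.

# make_pfx CERT KEY OUT
# The export password is read from the PFX_PASSWORD environment variable
# (assumed name) so it does not appear on the command line.
make_pfx() {
    cert=$1; key=$2; out=$3
    [ -n "${PFX_PASSWORD:-}" ] || { echo "PFX_PASSWORD is not set" >&2; return 2; }

    # Refuse a mismatched pair: the public key inside the certificate must
    # equal the public key derived from the private key.
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey) || return 1
    key_pub=$(openssl pkey -in "$key" -pubout) || return 1
    [ "$cert_pub" = "$key_pub" ] || { echo "certificate and key do not match" >&2; return 1; }

    # The bundle contains the private key: create it readable by the owner only.
    ( umask 077
      openssl pkcs12 -export -in "$cert" -inkey "$key" -name "server" \
          -out "$out" -passout env:PFX_PASSWORD ) || return 1

    # Read the bundle back to confirm it opens with the chosen password.
    openssl pkcs12 -in "$out" -passin env:PFX_PASSWORD -noout 2>/dev/null
}

# create_pfx_secret NAME PFX
# Stores the bundle under the key "pfx-cert", which becomes the file name
# inside the mounted volume. Rendering with --dry-run and piping to apply
# makes the command safe to re-run when the certificate is renewed.
create_pfx_secret() {
    kubectl create secret generic "$1" --from-file=pfx-cert="$2" \
        --dry-run=client -o yaml | kubectl apply -f -
}

# Usage, with the file names from the question:
#   export PFX_PASSWORD='...'          # the Java container needs this value too
#   make_pfx tls.crt tls.key keystore.pfx && create_pfx_secret mypfx keystore.pfx
#   rm -f keystore.pfx                 # do not leave the key bundle on disk
```
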
