Bootstrap FreeKB - OpenShift - View a pods SSL certificate
OpenShift - View a pods SSL certificate
Updated:   |  OpenShift articles

If you are not familiar with the oc command, refer to OpenShift - Getting Started with the oc command.

Before issuing the oc get pods command, issue the oc login command. The oc get pod/<pod name> -o yaml command can be used to return the YAML of a pod. In this example, the YAML of pod001 will be returned.

oc get pod/pod001 -o yaml -n project001

 

If the pod is using a public certificate and private key for SSL, the YAML should contain something like this.

- args:
  - --logtostderr
  - --secure-listen-address=[$(IP)]:9100
  - --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
  - --upstream=http://127.0.0.1:9100/
  - --tls-cert-file=/etc/pki/tls/foo.crt
  - --tls-private-key-file=/etc/pki/tls/foo.key

 

The oc exec command can be used to view data of the certificate file. 

oc exec pod001 -- cat /etc/pki/tls/foo.crt

 

Which should return something like this.

-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITOgAAAO4w3LdZxHQvJAABAAAA7jANBgkqhkiG9w0BAQsF
ADBKMRMwEQYKCZImiZPyLGQBGRYDY29tMRswGQYKCZImiZPyLGQBGRYLVGhyaXZl
bnREZXYxFjAUBgNVBAMTDVRocml2ZW50RGV2Q0EwHhcNMjEwNjE2MTAz . . .
-----END CERTIFICATE-----

 

Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee


Comments


Add a Comment


Please enter 2b9a4b in the box below so that we can be sure you are a human.