美文网首页
K8S证书了解

K8S证书了解

作者: 草莓_Ops | 来源:发表于2020-09-27 15:40 被阅读0次
[root@k8s7-200.host.com /opt/certs]# cfssl-certinfo -cert apiserver.pem 
{
  "subject": {
    "common_name": "k8s-apiserver",
    "country": "CN",
    "organization": "od",
    "organizational_unit": "ops",    #部门
    "locality": "shanghai",
    "province": "shanghai",
    "names": [
      "CN",
      "shanghai",
      "shanghai",
      "od",
      "ops",
      "k8s-apiserver"
    ]
  },
  "issuer": {      #CA证书,权威证书
    "common_name": "Datacloak",
    "country": "CN",
    "organization": "od",
    "organizational_unit": "ops",
    "locality": "shanghai",
    "province": "shanghai",
    "names": [
      "CN",
      "shanghai",
      "shanghai",
      "od",
      "ops",
      "Datacloak"
    ]
  },
  "serial_number": "554194374716607347917260436523298081750708489346",
  "sans": [
    "kubernetes.default",
    "kubernetes.default.svc",
    "kubernetes.default.svc.cluster",
    "kubernetes.default.svc.cluster.local",
    "127.0.0.1",
    "192.168.0.1",
    "10.4.7.10",
    "10.4.7.21",
    "10.4.7.22",
    "10.4.7.23"
  ],
  "not_before": "2020-09-26T08:39:00Z",
  "not_after": "2040-09-21T08:39:00Z",
  "sigalg": "SHA256WithRSA",
  "authority_key_id": "50:2D:AB:2B:AF:9D:96:CC:41:42:31:DE:39:AF:58:C0:6B:9B:4:97",
  "subject_key_id": "99:68:D4:20:68:74:2A:98:DF:2F:95:6D:29:5:33:90:9:D:77:61",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIEczCCA1ugAwIBAgIUYRLva9eXdCUBO/qw2idSSU7NjIIwDQYJKoZIhvcNAQEL\nBQAwYjELMAkGA1UEBhMCQ04xETAPBgNVBAgTCHNoYW5naGFpMREwDwYDVQQHEwhz\naGFuZ2hhaTELMAkGA1UEChMCb2QxDDAKBgNVBAsTA29wczESMBAGA1UEAxMJRGF0\nYWNsb2FrMB4XDTIwMDkyNjA4MzkwMFoXDTQwMDkyMTA4MzkwMFowZjELMAkGA1UE\nBhMCQ04xETAPBgNVBAgTCHNoYW5naGFpMREwDwYDVQQHEwhzaGFuZ2hhaTELMAkG\nA1UEChMCb2QxDDAKBgNVBAsTA29wczEWMBQGA1UEAxMNazhzLWFwaXNlcnZlcjCC\nASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALntyYGDE/58cZjLf/d3qVYU\n/eBbOjbsmnWp5EPViTYdVFqJe5qarTZMo3pi2GUB47dSquszcokqcjNKgjai9Sax\nos3xsoNgFmvWGiQr8y6gZoQrx9Emk2sS9ehh/88btjUK60amOmdxYzbFFY9FtsN7\nkCSnNLoPYdimsbz7V4JsmQVaRXXCe8DhOV7bD1qy5b9p2nc0z88K1Yqau7p50Ood\newchVidhLRkf4aU6TCXNo7CXHxu6po4VGrTvUT0YkaiF2mY54lDmubdYahcvDJXE\nS3MkHCCwnKdplykwN+IdA8xzHZIqenHvbpPT8gRGEMPlco8p3SwHHMB9uNdV4kUC\nAwEAAaOCARswggEXMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcD\nATAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSZaNQgaHQqmN8vlW0pBTOQCQ13YTAf\nBgNVHSMEGDAWgBRQLasrr52WzEFCMd45r1jAa5sElzCBoQYDVR0RBIGZMIGWghJr\ndWJlcm5ldGVzLmRlZmF1bHSCFmt1YmVybmV0ZXMuZGVmYXVsdC5zdmOCHmt1YmVy\nbmV0ZXMuZGVmYXVsdC5zdmMuY2x1c3RlcoIka3ViZXJuZXRlcy5kZWZhdWx0LnN2\nYy5jbHVzdGVyLmxvY2FshwR/AAABhwTAqAABhwQKBAcKhwQKBAcVhwQKBAcWhwQK\nBAcXMA0GCSqGSIb3DQEBCwUAA4IBAQCnTXo3C2qbcYK8wnULwicIBoLqMcX1tzK2\ng8/ctiuoX4jh1Zzwvd9mTkFI6ekq2VtMi+7IblHkX7NJ7XZB3H8E3mxHzkm6ju30\nwSi4dHnLU15WqDJ1LpImQZnHku8qr8pR8xQlmNcjQJmfN4pyGcXSJnPJkWDby1H9\nJv2fM9uGcE6tiQWgHuPLESZQyNc61Z2rXroK0dMf/a1xr5g24MamdySjMvJV+CWV\nMh3WrCk5F2gz1jJ290Gi8DSmkxGH6uR7nN9kJBqGwnemzOSruYxg4ukygm2176Gb\nP+y6cymOmpQsuurwrseIKF1ERqLMNHzEWlCaQso/11xBUKjA462K\n-----END CERTIFICATE-----\n"
}


[root@k8s7-200.host.com /opt/certs]# cfssl-certinfo -domain www.baidu.com
{
  "subject": {
    "common_name": "baidu.com",
    "country": "CN",
    "organization": "Beijing Baidu Netcom Science Technology Co., Ltd",
    "organizational_unit": "service operation department",
    "locality": "beijing",
    "province": "beijing",
    "names": [
      "CN",
      "beijing",
      "beijing",
      "service operation department",
      "Beijing Baidu Netcom Science Technology Co., Ltd",
      "baidu.com"
    ]
  },
  "issuer": {
    "common_name": "GlobalSign Organization Validation CA - SHA256 - G2",
    "country": "BE",
    "organization": "GlobalSign nv-sa",
    "names": [
      "BE",
      "GlobalSign nv-sa",
      "GlobalSign Organization Validation CA - SHA256 - G2"
    ]
  },
  "serial_number": "35388244279832734960132917320",
  "sans": [
    "baidu.com",





cat kubelet.config
复制client-certificat-data:数据
echo '......' |base64 -d
echo '......' |base64 -d >123.pem
证书反解:
[root@k8s7-200.host.com ~]# cfssl-certinfo -cert 123.pem 

image.png

相关文章

网友评论

      本文标题:K8S证书了解

      本文链接:https://www.haomeiwen.com/subject/dlqluktx.html