Self-signed certificate with Kubernetes fix
In Go 1.15 there is common name deprecation for using Common name: https://golang.google.cn/doc/go1.15#commonname This causes the self-signed cert to be rejected by some Kubernetes platforms: https://stackoverflow.com/questions/64814173/how-do-i-use-sans-with-openssl-instead-of-common-name Fix is to add this field to the cert.pull/3397/head
Novak Ivanovski
GitHub
parent
96357c9616
commit
e7dc768ae5
|
|
@ -68,6 +68,7 @@ This is more secure than the insecure registry solution.
|
|||
|
||||
$ openssl req \
|
||||
-newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key \
|
||||
-addext "subjectAltName = DNS:myregistry.domain.com" \
|
||||
-x509 -days 365 -out certs/domain.crt
|
||||
```
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue