Tuesday, February 12, 2019

How to Convert Kubeconfig CA string to Readable CA Format

Symptom:

  In ~/.kube/config  , we have kubeconfig file which has CA string like below. We would like to convert it to a readable CA format.
$ cat config
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTk
............
    server: https://1.1.1.1:6443
  name: kubernetes

Solution:

First to use base64 decode the string to PEM
$ echo 'above string' | base64 -d  > /tmp/1.crt
Output is like:
-----BEGIN CERTIFICATE-----
MIIC8jCCAdqgAwIBAgIIb7ih1QetvQ8wDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE
..............
-----END CERTIFICATE-----

Second to use openssl to convert it to readable format
openssl x509 -in  /tmp/1.crt  -noout -text
Output is like
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8050362270253694223 (0x6fb8a1d507adbd0f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=kubernetes
        Validity
            Not Before: Oct 30 08:01:56 2018 GMT
            Not After : Oct 30 08:02:01 2019 GMT
        Subject: O=system:masters, CN=kubernetes-admin
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:

                    00:bd:50:23:56:92:2c:0a........

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)