tengine icon indicating copy to clipboard operation
tengine copied to clipboard
verified publisher icon alibaba

请问国密双证书的ingress secret格式是怎样的?

Open Asutorufa opened this issue 1 year ago • 2 comments

国密需要双证书,文档中只有单证书的例子,双证书的secret格式是怎样的?还是直接把两个证书和密钥叠加到一个pem文件中?

Asutorufa avatar Dec 20 '24 03:12 Asutorufa

#国密签名证书 ssl_sign_certificate sign.pem; ssl_sign_certificate_key sign.key;

#国密加密证书 ssl_enc_certificate enc.pem; ssl_enc_certificate_key enc.key;

whbwyj avatar Dec 27 '24 09:12 whbwyj

#国密签名证书 ssl_sign_certificate sign.pem; ssl_sign_certificate_key sign.key;

#国密加密证书 ssl_enc_certificate enc.pem; ssl_enc_certificate_key enc.key;

请问是这样吗? @whbwyj, 这样子创建会失败,因为kubernetes.io/tls需要tls.crt,tls.key字段。

The Secret "default-ingress-tls" is invalid:
* data[tls.crt]: Required value
* data[tls.key]: Required value

apiVersion: v1
kind: Secret
metadata:
  name: testsecret-tls
  namespace: default
data:
  sign.pem: base64 encoded cert
  sign.key: base64 encoded key
  enc.pem: base64 encoded cert
  enc.key: base64 encoded key
type: kubernetes.io/tls

Asutorufa avatar Dec 30 '24 03:12 Asutorufa