K
Q

Openshift 4 certificates location and manual renewal process

7/21/2021

I'm checking on various certificates in okd 4 referring to: https://docs.okd.io/latest/security/certificate_types_descriptions/user-provided-certificates-for-api-server.html Here the certificates are categorized into different sections. I could see that for all the category of certificates the location is mentioned except for ETCD, node and Service CA. Please help me in finding the location of these.

Another query is How to manually renew okd 4 certificates. I see that below are the category of certificates in okd 4 from https://docs.okd.io/latest/security/certificate_types_descriptions/user-provided-certificates-for-api-server.html

Bootstrap
Control plane
Etcd
Node
Service CA
Proxy certificates
Monitoring and Cluster Logging
Ingress certificates
OLM certificates
User-provided certs for API server
User-provided certs for default ingress

Here considering only System managed certificates, under each of the certificates section I see that the renewal is auto-rotation by system. Is there any possible way where we can manually renew all these certificates managed by system?

-- rakesh kotian
kubernetes
okd
openshift
openshift-client-tools
openshift-origin

Similar Questions

kubeadm + calico 3.6 singlenode notready forever
Terraform Error 'bool' is not a valid type
Kubernetes (AKS) : Expose multiple ports of different service to common load balancer
How to get a Google managed certificate (ingress)? I received no matches for "ManagedCertificate"
kubectl create secret via gitlab throwing error

0 Answers