github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-09-13 21:25:09 +00:00
Code Issues Projects Releases Wiki Activity

kubeadm - fix local etcd grpc gateway

Browse Source 
- etcd 3.2 uses the server certificate as the client cert for the grpc
  gateway, this updates the generation of the etcd server certificate to
  add client usage to resolve the issue.
This commit is contained in:
Jason DeTiberus
2018-06-12 11:24:24 -04:00
parent 793a51cef0
commit b8e8e35333
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/kubeadm/app/phases/certs/certs.go
View File

@@ -377,7 +377,7 @@ func NewEtcdServerCertAndKey(cfg *kubeadmapi.MasterConfiguration, caCert *x509.C
config := certutil.Config{
CommonName: cfg.NodeRegistration.Name,
AltNames: *altNames,
Usages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
Usages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
}
etcdServerCert, etcdServerKey, err := pkiutil.NewCertAndKey(caCert, caKey, config)
if err != nil {