github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-29 14:37:00 +00:00
Code Issues Projects Releases Wiki Activity

kubeadm - fix local etcd grpc gateway

Browse Source 
- etcd 3.2 uses the server certificate as the client cert for the grpc
  gateway, this updates the generation of the etcd server certificate to
  add client usage to resolve the issue.
This commit is contained in:
Jason DeTiberus 2018-06-12 11:24:24 -04:00
parent 793a51cef0
commit b8e8e35333
No known key found for this signature in database
GPG Key ID: CBD7D7A4B41437BC
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/kubeadm/app/phases/certs/certs.go
View File

@ -377,7 +377,7 @@ func NewEtcdServerCertAndKey(cfg *kubeadmapi.MasterConfiguration, caCert *x509.C
config := certutil.Config{
CommonName: cfg.NodeRegistration.Name,
AltNames: *altNames,
Usages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
Usages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
}
etcdServerCert, etcdServerKey, err := pkiutil.NewCertAndKey(caCert, caKey, config)
if err != nil {