Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface KubeCertificateSigningRequestProps

CertificateSigningRequest objects provide a mechanism to obtain x509 certificates by submitting a certificate signing request, and having it asynchronously approved and issued.

Kubelets use this API to obtain:

  1. client certificates to authenticate to kube-apiserver (with the "kubernetes.io/kube-apiserver-client-kubelet" signerName).
  2. serving certificates for TLS endpoints kube-apiserver can connect to securely (with the "kubernetes.io/kubelet-serving" signerName).

This API can be used to request client certificates to authenticate to kube-apiserver (with the "kubernetes.io/kube-apiserver-client" signerName), or to obtain certificates from custom non-Kubernetes signers.

schema

io.k8s.api.certificates.v1.CertificateSigningRequest

Hierarchy

  • KubeCertificateSigningRequestProps

Index

Properties

Properties

Optional Readonly metadata

metadata: ObjectMeta
schema

io.k8s.api.certificates.v1.CertificateSigningRequest#metadata

Readonly spec

spec contains the certificate request, and is immutable after creation. Only the request, signerName, and usages fields can be set on creation. Other fields are derived by Kubernetes and cannot be modified by users.

schema

io.k8s.api.certificates.v1.CertificateSigningRequest#spec

Generated using TypeDoc