-
-
Notifications
You must be signed in to change notification settings - Fork 325
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
rustls cannot use client-key in EC Private Keys format #542
Comments
Interestingly, we're using kube-rs without issue on k3d (from within the cluster using service account tokens, not using the admin kubeconfig). Presumably, this is because in this case we use bearer auth to the API and don't need to parse PEM-formatted EC keys? Though, we have users hitting this problem in other contexts: linkerd/linkerd2#7011 |
Workaround for #153 is no longer necessary for in-cluster connection since
Yes Updated the issue to mention in-cluster config is not affected. Thanks. |
rustls does not support EC Private Key (rustls/rustls#332).
This prevents using rustls with k3d cluster (after working around #153). Note that in-cluster config is not affected by this.
A workaround is to use OpenSSL to convert to PKCS#8 and update the config.
Get the
client-key-data
for the cluster and confirm that it's EC Private Key:Convert to PKCS#8 with OpenSSL and update the config:
Don't forget to also change
server
to uselocalhost
for #153.The text was updated successfully, but these errors were encountered: