Azure / kubernetes-keyvault-flexvol

Azure keyvault integration with Kubernetes via a Flex Volume
MIT License

Allow for different certificate format (public/private key) #50

Closed serbrech closed 5 years ago

serbrech commented 5 years ago

When pulling an object of type cert from keyvault, we do not have a choice in the format of the resulting file. Additionally, the current implementation only gets the public portion of the certificate.

Being able to pull both the public and secret parts of the certificate into a mycert.crt and mycert.key would be useful to set up an SSL endpoint for ingress controllers, for example.

hugree commented 5 years ago

I think that I just hit that wall too. I uploaded a PFX certificate and it's not working with my Spring Boot application using it. When I use it directly it works fine. When I use it via the mounted flexvolume it's not working correctly. The file size is different. The mounted version is much smaller.

Is there any reason for such behavior?

serbrech commented 5 years ago

Try setting the type as secret. The private part of the certificate is downloadable as a secret. The « cert » type only downloads the public part of the cert.

On Fri 14 Dec 2018 at 02:58, hugree notifications@github.com wrote:

> I think that I just hit that wall too. I uploaded a PFX certificate and it's not working with my Spring Boot application using it. When I use it directly it works fine. When I use it via the mounted flexvolume it's not working correctly. The file size is different. The mounted version is much smaller.
>
> Is there any reason for such behavior?


alexsandro-xpt commented 5 years ago

So... alright

The interesting thing is that the mounted cert file in the pod no longer has a password, is this right?

ritazh commented 5 years ago

Fixed via #59