Open fmiqbal opened 1 year ago
This issue doesn't have a Team:<team>
label.
Team:Elastic-Agent
Hi! We just realized that we haven't looked into this issue in a while. We're sorry!
We're labeling this issue as Stale
to make it hit our filters and make sure we get back to it as soon as possible. In the meantime, it'd be extremely helpful if you could take a look at it as well and confirm its relevance. A simple comment with a nice emoji will be enough :+1
.
Thank you for your contribution!
Describe the enhancement:
I am using microk8s with port 10250 anonymous authentication disabled and need to use X509 Client Certificate, as described in https://microk8s.io/docs/services-and-ports
Failing to present client cert resulting in
Unauthorized
response. The client certificate is in/var/snap/microk8s/current/certs/server.crt
and/var/snap/microk8s/current/certs/server.crt
.full command to make it work:
$/var/snap/microk8s/current/certs# curl --cert ./server.crt --key ./server.key --insecure https://127.0.0.1:10250/stats/summary
As far as I understand and see there is no option to use this. Specific use case with this env:
Kubernetes: microk8s v1.27 Elasticsearch: version v8.7 Kubernetes Integration on Fleet Agent
Describe a specific use case for the enhancement or feature:
Add Client Certificate authentication beside bearer token file
Related SO question
https://stackoverflow.com/questions/60594159/accessing-kubelet-api-microk8s