botelastic[bot]
commented
1 year ago This issue doesn't have a Team:<team> label.
Open fmiqbal opened 1 year ago
botelastic[bot]
commented
1 year ago This issue doesn't have a Team:<team> label.
fmiqbal
commented
1 year ago Team:Elastic-Agent
botelastic[bot]
commented
2 months ago Hi! We just realized that we haven't looked into this issue in a while. We're sorry!
We're labeling this issue as Stale to make it hit our filters and make sure we get back to it as soon as possible. In the meantime, it'd be extremely helpful if you could take a look at it as well and confirm its relevance. A simple comment with a nice emoji will be enough :+1.
Thank you for your contribution!
Describe the enhancement:
I am using microk8s with port 10250 anonymous authentication disabled and need to use X509 Client Certificate, as described in https://microk8s.io/docs/services-and-ports
Failing to present client cert resulting in
Unauthorizedresponse. The client certificate is in/var/snap/microk8s/current/certs/server.crtand/var/snap/microk8s/current/certs/server.crt.full command to make it work:
$/var/snap/microk8s/current/certs# curl --cert ./server.crt --key ./server.key --insecure https://127.0.0.1:10250/stats/summaryAs far as I understand and see there is no option to use this. Specific use case with this env:
Kubernetes: microk8s v1.27 Elasticsearch: version v8.7 Kubernetes Integration on Fleet Agent
Describe a specific use case for the enhancement or feature:
Add Client Certificate authentication beside bearer token file
Related SO question
https://stackoverflow.com/questions/60594159/accessing-kubelet-api-microk8s