Open hamza-m-masood opened 1 year ago
@HamzaMasood1 i am not so sure on this . @sftim if this is right could we mark this command as deprecated?
The Kubernetes project currently lacks enough contributors to adequately respond to all issues.
This bot triages un-triaged issues according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/remove-lifecycle stale
/close
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale
We should explain how to set up certificates. That explanation doesn't need to use the openssl
command.
/remove-triage support /kind bug /triage accepted /sig security /language en
@sftim: Those labels are not set on the issue: triage/support
/remove-lifecycle stale
/remove-kind support
@HamzaMasood1 On executing this command, there is no deprecation warning.
openssl req -x509 -new -nodes -key ca.key -subj "/CN=${MASTER_IP}" -days 10000 -out ca.crt
.
Can you please share the reference to the deprecation?
I can also confirm that the openssl req
command listed in the Generate Certificates Manually task works as intended and generates the certificate without any errors.
However, the man page for the openssl req
command does mention that the -nodes
option has been deprecated and that the -noenc
option should be used instead.
-nodes
This option is deprecated since OpenSSL 3.0; use -noenc instead.
@sftim I can update the page in question to reflect this change if that helps for clarity.
/assign
FYI @dipesh-rawat
@sftim I can update the page in question to reflect this change if that helps for clarity.
Noted.
@sftim, should I go ahead and update the doc? Or should we close this issue? Thanks
Within this page: content/en/docs/tasks/administer-cluster/certificates.md
The nodes command is deprecated: openssl req -x509 -new -nodes -key ca.key -subj "/CN=${MASTER_IP}" -days 10000 -out ca.crt
Just wanted to let you guys know : )