TLS certificate management task assumes Linux-style `base64` command

[Jaybee18]

During the "Upload the signed certificate" step (https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/#upload-the-signed-certificate) the command didn't work without the "-i" option using the base64 command.

So instead of

kubectl get csr my-svc.my-namespace -o json | \
  jq '.status.certificate = "'$(base64 ca-signed-server.pem | tr -d '\n')'"' | \
  kubectl replace --raw /apis/certificates.k8s.io/v1/certificatesigningrequests/my-svc.my-namespace/status -f -

it had to be

kubectl get csr my-svc.my-namespace -o json | \
  jq '.status.certificate = "'$(base64 -i ca-signed-server.pem | tr -d '\n')'"' | \
  kubectl replace --raw /apis/certificates.k8s.io/v1/certificatesigningrequests/my-svc.my-namespace/status -f -

for me.

Is it a me problem or a general problem?

I'm on MacOS Sonoma 14.5

❯ base64 --version
FreeBSD base64

[T-Lakshmi]

Page: https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/#upload-the-signed-certificate /language en

[ayushpatil2122]

/assign

[Jaybee18]

Hey @ayushpatil2122,

I found a source saying this is only an issue with the newest MacOS versions. I suppose it works with normal linux. Maybe a short notice in the text is enough as opposed to changing the command?

[sftim]

I think this is worth fixing. We can't assume that people run Linux (most don't).

/triage accepted /priority backlog /retitle TLS certificate management task assumes Linux-style base64 command