-
Notifications
You must be signed in to change notification settings - Fork 13
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
730f4b9
commit 22454a8
Showing
32 changed files
with
1,104 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,93 @@ | ||
| # Authentication in Ingress | ||
|
|
||
| ## Basic Auth | ||
| ### Create htpasswd file | ||
| ```bash | ||
| $ htpasswd -c auth foo | ||
| New password: <bar> | ||
| New password: | ||
| Re-type new password: | ||
| Adding password for user foo | ||
| ``` | ||
|
|
||
| ### Convert htpasswd into a secret | ||
| ```bash | ||
| $ kubectl create secret generic basic-auth --from-file=auth | ||
| secret "basic-auth" created | ||
| ``` | ||
|
|
||
| ### Testing | ||
| ```bash | ||
| curl -v http://161.35.240.187/ -H 'Host: foo.bar.com' | ||
| ``` | ||
|
|
||
| ```bash | ||
| openssl req -x509 -nodes -newkey rsa:2048 -keyout mydomain.key -out mydomain.crt -subj "/CN=mydomain.com" -reqexts SAN -extensions SAN -config <(cat /etc/ssl/openssl.cnf <(printf "[SAN]\nsubjectAltName=DNS:mydomain.com,DNS:www.mydomain.com")) | ||
| ``` | ||
|
|
||
| ```bash | ||
| openssl req -x509 -sha256 -newkey rsa:4096 -keyout ca.key -out ca.crt -days 356 -nodes -subj '/CN=Anvesh' -reqexts SAN -extensions SAN -config <(cat /etc/ssl/openssl.cnf <(printf "[SAN]\nsubjectAltName=DNS:mydomain.com,DNS:www.mydomain.com")) | ||
|
|
||
|
|
||
| $ openssl req -new -newkey rsa:4096 -keyout server.key -out server.csr -nodes -subj '/CN=mydomain.com' | ||
| $ openssl x509 -req -sha256 -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt | ||
|
|
||
|
|
||
| $ openssl req -new -newkey rsa:4096 -keyout client.key -out client.csr -nodes -subj '/CN=Anvesh' | ||
| $ openssl x509 -req -sha256 -days 365 -in client.csr -CA ca.crt -CAkey ca.key -set_serial 02 -out client.crt | ||
|
|
||
|
|
||
|
|
||
| ``` | ||
|
|
||
|
|
||
| ## Generate the CA Key and Certificate | ||
| ```bash | ||
| $ openssl req -x509 -sha256 -newkey rsa:4096 -keyout ca.key -out ca.crt -days 356 -nodes -subj '/CN=Anvesh' | ||
| ``` | ||
|
|
||
| # Generate the Server Key, and Certificate and Sign with the CA Certificate | ||
| ```bash | ||
| $ openssl req -new -newkey rsa:4096 -keyout server.key -out server.csr -nodes -subj '/CN=ingress-domain.com' | ||
| $ openssl x509 -req -sha256 -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt | ||
| ``` | ||
|
|
||
| # Generate the Client Key, and Certificate and Sign with the CA Certificate | ||
| ```bash | ||
| $ openssl req -new -newkey rsa:4096 -keyout client.key -out client.csr -nodes -subj '/CN=Anvesh' | ||
| $ openssl x509 -req -sha256 -days 365 -in client.csr -CA ca.crt -CAkey ca.key -set_serial 02 -out client.crt | ||
| ``` | ||
|
|
||
| ```bash | ||
| $ kubectl create secret generic tls-secret --from-file=tls.crt=server.crt --from-file=tls.key=server.key --from-file=ca.crt=ca.crt | ||
| ``` | ||
|
|
||
| ### Testing | ||
| ```bash | ||
| curl -v http://161.35.240.187/ -H 'Host: ingress-domain.com' | ||
| ``` | ||
|
|
||
| ```bash | ||
|
|
||
| kubectl get pods -n kube-system | grep nginx-ingress-controller | ||
| nginx-ingress-controller-5984b97644-qbwtv 1/1 Running | ||
| $ kubectl exec -it -n kube-system nginx-ingress-controller-5984b97644-qbwtv cat /etc/nginx/nginx.conf | grep ssl_client_certificate -A 1 | ||
| ssl_client_certificate /etc/ingress-controller/ssl/default-my-certs.pem; | ||
| ssl_verify_client on; | ||
|
|
||
| ``` | ||
|
|
||
|
|
||
|
|
||
| curl -v https://161.35.240.187/ -H 'Host: ingress-domain.com' --cert client.crt --key client.key -k | ||
|
|
||
|
|
||
|
|
||
| curl -k https://161.35.240.187/ -v -H 'Host: meow.com' --cert client.crt --key client.key | ||
|
|
||
|
|
||
|
|
||
| curl -k http://172.17.4.99 -v -H 'Host: external-auth-01.sample.com' | ||
|
|
||
|
|
||
| curl https://ingress-domain.com/ --cert client.crt --key client.key -k |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| anvesh:$apr1$xT8sZHOr$Co3RzOmlNx5qmrsw.Jel1. |
25 changes: 25 additions & 0 deletions
25
nginx-ingress/hands-on/authentication/basic/basic-ingress.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| apiVersion: networking.k8s.io/v1 | ||
| kind: Ingress | ||
| metadata: | ||
| name: ingress-with-auth | ||
| annotations: | ||
| # type of authentication | ||
| nginx.ingress.kubernetes.io/auth-type: basic | ||
| # name of the secret that contains the user/password definitions | ||
| nginx.ingress.kubernetes.io/auth-secret: basic-auth | ||
| # message to display with an appropriate context why the authentication is required | ||
| nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required - anvesh' | ||
| nginx.ingress.kubernetes.io/rewrite-target: / | ||
| spec: | ||
| ingressClassName: nginx | ||
| rules: | ||
| - # host: foo.bar.com | ||
| http: | ||
| paths: | ||
| - path: / | ||
| pathType: Prefix | ||
| backend: | ||
| service: | ||
| name: blogging-svc | ||
| port: | ||
| number: 80 |
20 changes: 20 additions & 0 deletions
20
nginx-ingress/hands-on/authentication/basic/blog-deploy.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| apiVersion: apps/v1 | ||
| kind: Deployment | ||
| metadata: | ||
| name: blog-app | ||
| labels: | ||
| app: blogging-application | ||
| spec: | ||
| replicas: 1 | ||
| selector: | ||
| matchLabels: | ||
| app: blogging-application | ||
| template: | ||
| metadata: | ||
| labels: | ||
| app: blogging-application | ||
| spec: | ||
| containers: | ||
| - name: blog-container | ||
| image: anvesh35/blogging-application:v2.0.0 | ||
| # image: nginx |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| apiVersion: v1 | ||
| kind: Service | ||
| metadata: | ||
| name: blogging-svc | ||
| labels: | ||
| app: blogging-application | ||
| spec: | ||
| type: ClusterIP | ||
| selector: | ||
| app: blogging-application | ||
| ports: | ||
| - protocol: TCP | ||
| port: 80 | ||
| targetPort: 80 |
20 changes: 20 additions & 0 deletions
20
nginx-ingress/hands-on/authentication/client-certs/blog-deploy.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| apiVersion: apps/v1 | ||
| kind: Deployment | ||
| metadata: | ||
| name: blog-app | ||
| labels: | ||
| app: blogging-application | ||
| spec: | ||
| replicas: 1 | ||
| selector: | ||
| matchLabels: | ||
| app: blogging-application | ||
| template: | ||
| metadata: | ||
| labels: | ||
| app: blogging-application | ||
| spec: | ||
| containers: | ||
| - name: blog-container | ||
| image: anvesh35/blogging-application:v2.0.0 | ||
| # image: nginx |
14 changes: 14 additions & 0 deletions
14
nginx-ingress/hands-on/authentication/client-certs/blog-svc.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| apiVersion: v1 | ||
| kind: Service | ||
| metadata: | ||
| name: blogging-svc | ||
| labels: | ||
| app: blogging-application | ||
| spec: | ||
| type: ClusterIP | ||
| selector: | ||
| app: blogging-application | ||
| ports: | ||
| - protocol: TCP | ||
| port: 80 | ||
| targetPort: 80 |
30 changes: 30 additions & 0 deletions
30
nginx-ingress/hands-on/authentication/client-certs/certs/ca.crt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIFITCCAwmgAwIBAgIUISoQfryDXv+HXX9jCysiAFCIXJ4wDQYJKoZIhvcNAQEL | ||
| BQAwIDEeMBwGA1UEAwwVQW52ZXNoIENlcnQgQXV0aG9yaXR5MB4XDTI0MDQwNzIy | ||
| MzczM1oXDTI1MDMyOTIyMzczM1owIDEeMBwGA1UEAwwVQW52ZXNoIENlcnQgQXV0 | ||
| aG9yaXR5MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzU6dBwYc4ltU | ||
| CArBraPmn5VZuioT62OAb8D6a6ff4yukL8jZOOgL5zDaWAiTev2b2ytVQ4/UM4++ | ||
| ZlJkCpg3Wxrs0GEzNj3cOZUWW9ddAxYGrPpUEMmO9slqVt2ZyerIyYL3T02p0PJ/ | ||
| g59btd/TdB6tvZgiA7y94KK7c6VKlLB0bVvRjhRgA03MRVQQbe8fDpVdbJJ25Y/Z | ||
| sHRPvdBflwdSSDdgojsASu5/GOsM9uVdY69ri6dKZRhdoeVIH36TfOkggkASKtv7 | ||
| SGWU8TRgGePYQLYx/TqtHiKuNjpFvUwPokaIlTjoAkB4m4D/Xax/xwizws7hf1XZ | ||
| aTjNh0Azqy0EEKmcQyRX1gBqeKTpJNIXIjUSE8gzMA9HsJsNLgYiZSwYxVp39za1 | ||
| 7N/Qu6c7KeSs7IE1mRpZ/rrZ2ZuBTcgtF/kSTnGBWtcjq4pUv75DlDZkdjipAlgt | ||
| hM1MHvPfFe+1aJdjo0OybEDkfZ/2CeySBa+dnL1kh1gLND23OM2UbmL2O0a6Z3GY | ||
| B2Ky9ZJ+KZYRFIm0Nqc1N4IN0xjsQvKMjjH0wkOQ5GDlMD0OPDcii60jdsgq10st | ||
| F6XkE3BzLpLi//2n4q5Hq9EruF+dmqSJipA9OeWFjONgzufZ9aurbYr6dclV1qO1 | ||
| CMdAqua6I4hJv4+AXOYTznW04fGyJ4ECAwEAAaNTMFEwHQYDVR0OBBYEFAZAASwS | ||
| XuRNIuQp1hKm3BZSGcc1MB8GA1UdIwQYMBaAFAZAASwSXuRNIuQp1hKm3BZSGcc1 | ||
| MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBALKDwK2QaBPWzvYr | ||
| Bxa/lQg+eJyethkeMR+6VrAplJ01jAEjIaZuBBzE2q00UVySkzztTfXriu/lWldb | ||
| SRrXD/TXQAovRy0w2WrhdWjYJDGbDs+wx06VHN9umnMGZLulmFDk7ra2k0f0Nh1q | ||
| s9S6mx2CYMT1hUPPgzmdeboOUzarO8o0g1zz9NJIMENCdu1v0tU3HVsNL0RHn2g9 | ||
| 8rPkL+KhJFJwpTCcYrrmGesvAbCWWT0KBzBrpW2SlKxbymMu8QzG/EF3d7h4AtBX | ||
| 58m1qrPqPB5AubAd/3YTBN5jydBEO8skhgJh1B7SZdCoK/F2590FhPbMvOvRgqR8 | ||
| XI9CDs4QyCMMcDhFmmTVgSxQhr/4tOtSzx5uxdc3wl7MRWUyIsWVLnmz5YKfGK1N | ||
| d6hgffOXWbLw5PuWhWgs4z0XRznBowr9xAISOtoxRnXJawgw4MnHxhG+giJ1sVN8 | ||
| LfhlqwCbyxdVxN+AHjW8PU+ZUQSYhLkpL+CDYkdYtT6/bk7xqdVmMYpAXYj5hnEr | ||
| uXMSsZSInUc3QOHnFrMDvOpIyoElSpcqlDCsdJ4I5oPRxshzFtL2UVNK6a3Oh5lz | ||
| l+NElnfr+YmhDG4Avs3fAEBxYe8Hmb6sjd7hBSHmSk3RbyVFTV4OtqmOxfQBANIQ | ||
| CL/fxmPSObEvTJ1cdvNujPr8FGCJ | ||
| -----END CERTIFICATE----- |
52 changes: 52 additions & 0 deletions
52
nginx-ingress/hands-on/authentication/client-certs/certs/ca.key
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| -----BEGIN PRIVATE KEY----- | ||
| MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQDNTp0HBhziW1QI | ||
| CsGto+aflVm6KhPrY4BvwPprp9/jK6QvyNk46AvnMNpYCJN6/ZvbK1VDj9Qzj75m | ||
| UmQKmDdbGuzQYTM2Pdw5lRZb110DFgas+lQQyY72yWpW3ZnJ6sjJgvdPTanQ8n+D | ||
| n1u139N0Hq29mCIDvL3gortzpUqUsHRtW9GOFGADTcxFVBBt7x8OlV1sknblj9mw | ||
| dE+90F+XB1JIN2CiOwBK7n8Y6wz25V1jr2uLp0plGF2h5UgffpN86SCCQBIq2/tI | ||
| ZZTxNGAZ49hAtjH9Oq0eIq42OkW9TA+iRoiVOOgCQHibgP9drH/HCLPCzuF/Vdlp | ||
| OM2HQDOrLQQQqZxDJFfWAGp4pOkk0hciNRITyDMwD0ewmw0uBiJlLBjFWnf3NrXs | ||
| 39C7pzsp5KzsgTWZGln+utnZm4FNyC0X+RJOcYFa1yOrilS/vkOUNmR2OKkCWC2E | ||
| zUwe898V77Vol2OjQ7JsQOR9n/YJ7JIFr52cvWSHWAs0Pbc4zZRuYvY7RrpncZgH | ||
| YrL1kn4plhEUibQ2pzU3gg3TGOxC8oyOMfTCQ5DkYOUwPQ48NyKLrSN2yCrXSy0X | ||
| peQTcHMukuL//afirker0Su4X52apImKkD055YWM42DO59n1q6ttivp1yVXWo7UI | ||
| x0Cq5rojiEm/j4Bc5hPOdbTh8bIngQIDAQABAoICACCtVYLrryc8AAjzpVX801Ut | ||
| EUX3MopxoNyoq3L9Gj5vEMfmQOS00kgu12HRo5+cw/TDVePV/aFjTJu+m1uwVIc0 | ||
| puKXxe3pNKcZmqBti8lU9SUNBtpRKmcPMdS3mqWvr9ua87/0jYXLQw5xC8jL4j0G | ||
| MQMPNsK/hL0/SXSjp1Y5K57IUXc6uPltpYiXU7IbsCbDEUaZnUD2f2B9cr+0bbJ9 | ||
| INSLs96+Y1KJ2ULfDoYxhYa7QfPNYaLrmOOOuccBf3oPJPR2PC4EK1+fg3BMtMsK | ||
| H75VAWnbr/gu7umEptr1QzvB3DVcBFlvZ4LgqkR/kyrbsLjd8rgwstTzjIrtZguc | ||
| nZnSA1Be+1nTBXEeNRP0w9CFkqKwqnCuaBET5/Q3PnPwsa2bhpD14C1GbW9BQQ4+ | ||
| g6VpnFgBg1KFCmvwgPDDnjrfaf0hRTSUn5gbZGny8fu+7oHMETRo2TIRKbU0gRb0 | ||
| tU20Iu9kSWPOQ83VOSoMCmnpuuLNN0mnNVzV6DzrMmrn2isvRjA5F4O8nnjDXhIg | ||
| /r+O09OwNoPFA/XOuMdxQ9ztEKVMI56p6gtrcevEyLJoVKnzRva4B7eJf5aufgUM | ||
| YxCb+PyYo6oD0PUVjYGpdBNhczBBk5nFiP1Vc7DV1onEII3pqYZJt9eOzfhkEICt | ||
| cQfKo3G/xTtYWeDhHx/9AoIBAQDyAnG1eV843Gpkgoz+6fvDBq7wDZtltgf+CPcU | ||
| Ac5KT0wFZsGteK9s7NxiTTXzA5ZtyLx+1GW4aeJepJiavr+PAI/A4Nu+kdW0p2Bo | ||
| LAP+LE6RBx8KYpl6nU3nR+KI69kzQZpyLZtsEyYQVcXl5ZHKCccYK/g4WmqLS5/3 | ||
| 8M+DtWqECwsaAPMH/fPwKGxjGUJdMzaUMepg6c2hLwO9wCzV0TDqxEubVaK+Ym4k | ||
| ArnTmetXXCBS2c875hpMuv7ayt1oCB7TsQqmFYxFViQk76XMu4oElkNMnlA4Qwbf | ||
| OQ4zCVRCaPSBlHIl5g6gF7DXSXIiewi/h+K5MUtpwzUG9iQfAoIBAQDZLQA5V5Kz | ||
| zXhDf5BDA1pkgFsWA+Y6dRLXk7Pb4toMHEENn2EgqROAnySAfZD5+6f+Bgh3KFiE | ||
| uxMALRTzlXC8AjvaUpETbWzkJNssD7dsD1o9LThK5CfHNw36UYj1tGXZbizLP4P4 | ||
| r5etqKgLLS1TPLqsbrWGYxsYHf34JWskoeC+hWkgWJMIygki68mQN6KZtpxFFwkm | ||
| jnagmdN8rrh7h/GWquVSxwd7LT6vzK0M6aldrfREKRnzfBwR4wIHWCxkpi/+Hf/S | ||
| +1p8IMEavE7wQVSEINjh5TdKU+AsI/oo0A0xPtI9Y0yB+j0Dwdh2DctKhhA6VLKL | ||
| JuiDtGNKTUBfAoIBAQDPHfhi73TnHPyQ+IniwC2PQ3EEUSDlc1xztQiAPutl/Wd6 | ||
| V+75n4fDGROjraC2UiOz4VAw22YS5cuuY/+WsBkRMdHVqJtoBTd4XKbNgJ4KMbEr | ||
| vYR7RtdDcMzzWzotJGvGyiZ8ATw6ykiRQlcT4d1bo/KYZUkSMY9tl1NYxudSOTjn | ||
| uOvPXXChLl5O8smQJlX9nY7gVbfZKT+q6qmxA39bnqTWxxhN4IRfm63Xc93Fkr0v | ||
| DtE7Ft2czdlEQeVLKsNB/XEkiygp69cYoBhe5BpplTcRpegC8pqFDBgdgp78XseV | ||
| 7m0TWRA4DyQFL0FRfrIHgHSENq96/w0jfsUrKAzRAoIBAQDHTEK+XJ0mH9LTrobG | ||
| 2JblT91G8MEguDtYVhViHmYXYv5X8AEEJeTdzi2DNLgMkGLz/LlcEExbUgn3yWdG | ||
| ucdA4ZPnoIm+GFcrbp8raijbI6OeLJdSMtpGOUG8i4JyaOBmjnLQ+jKzzwAUv4em | ||
| 6giEMGDmyJoQ/3Xnxe5BAKW4ck16yZdVtbMJB88mmtbYYBX5ldkGlkMxfN9kNoYc | ||
| D4MA6hpMN/xG4Jr+8OBsGBpelTd13qMgwc8s4KIpz/cWolXq749vVjxkc4HwE2bi | ||
| kBio5msW7cXaV61Lqnk4SLPTLEpO/OWWrD+Tr/66KfPpMnNyqmDOBtfqVwRdiPbt | ||
| QsNlAoIBAQDt60eCujoVEzhsYrezaC3Qwzku8VIIoo0SE/odO8akRT2Mx0KIQpJ7 | ||
| oryowHPk9wAQlFdPogfg92u4NEQ4YvOqnX63tCXMfBiSlVGmB0Br2AKUc0Cx8N1N | ||
| Hk043lKW2zLAICJfbXTugsI1KDqZ/I6fs5qn7nNQuhVtSeXnxPDAbO5Av8qpR0pH | ||
| ztV3Dlt+9WzFLISQtP0uOKJ5en01tOgSeKXEbfQ6SEYno3FZmPh85jIlYMizc4m4 | ||
| 8bqBvYyFWAUqwNi5/vW1jKpBenC/Lo3pg0AdxDee7P7Ynzqbl1S7k8m8w49DZ8SD | ||
| ofb9OQgClgrsdsIifpdYZQX3xaULkQuO | ||
| -----END PRIVATE KEY----- |
29 changes: 29 additions & 0 deletions
29
nginx-ingress/hands-on/authentication/client-certs/certs/client.crt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIE7jCCAtagAwIBAgIBAjANBgkqhkiG9w0BAQsFADAgMR4wHAYDVQQDDBVBbnZl | ||
| c2ggQ2VydCBBdXRob3JpdHkwHhcNMjQwNDA3MjI0MzI5WhcNMjUwNDA3MjI0MzI5 | ||
| WjARMQ8wDQYDVQQDDAZBbnZlc2gwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK | ||
| AoICAQDNJ2CQhP4lO9OQjKjxFWBJ6DLaD/v8DrL2MZXjOGWChOtWlEtLGmzvVz9S | ||
| 6JZknmAV8/1n+mgQm7RJDeuZyvm97a00XY4PbdkQJJJt8Jcx4uPJRct5/69W/EI6 | ||
| rHTGzsOJGvoE0eMSwVlpyrVnC2Bdrw94CDhCkyiokXg3AZFjM5jqGEXBCpNA0c70 | ||
| 5BFxE8Q+3UVR5+XShF7f4snuibcBNRXHyF1FZ6tsULBab0pagyQX3gPy358l15RP | ||
| NQqqsrwbW8kEEhMlOPTlGZ5p9VWh9rOoGNcGBn4/igPkk8h4lSKb6sriKrdSoLqQ | ||
| 6H6poPHqDJAXjTsdW5lO7tC0vIC+fr1DQoaKAHsKm4RFElik34ta/hFEnTreuiko | ||
| zXnFxmJdxJERWaf2tWs+Jd0bZnxw/dt7VoxbtKR6fesyndEe3JwhH23QAGR0+xjR | ||
| VfEtaChRh24MAeK8/wqzFsZ3pyw+Wrb7Dlf+aGpRTXRvXEh8m3yWrUJQoKUUQVwF | ||
| hJMlLNQ0nR6dXHfF5NPZ7tB4zSn1jsf0IC8Ei+j5vZ5lGc7RpAxTexexQgffjO6c | ||
| 2r1OOrIdbnIf1gUJzx+FEHzqT0f3GcT6MF9jbKAXhGnVI7rUtPfalQcahYAMx0sW | ||
| OGTIM8/eRzzjbpmmMvHU1uVa6DL21uuId3NZwQO3xE6QAQyhHQIDAQABo0IwQDAd | ||
| BgNVHQ4EFgQUOJfK/2kc/BoVXmiPXWipBWnhiIgwHwYDVR0jBBgwFoAUBkABLBJe | ||
| 5E0i5CnWEqbcFlIZxzUwDQYJKoZIhvcNAQELBQADggIBAGlb5OuPt/wMOQfkAGIs | ||
| n6mQ0sLdsJyHoJYbtP2F6NtG72uqulFOUYvjTCc8xjlKkSFzegPivjGxwLZq47U0 | ||
| PfztQuofbOkDmSYCRvkJsalKeVDI540f1MGolH2MKphfYPc8M9ksh3x9EeBbdVyy | ||
| t12jXH45doBjkWHE/46ZZEqyLE9Zf+vQv4W00rXE4UQnhdbba3a8mqIZRnMG7qg9 | ||
| nmfaeWR20T0tHyh6l1rPbn5Wy9P/k5evdSz9Y9X8vhb+Zugp5zfEHTuAcs26TMph | ||
| ikOlNJdl9pN0CnYCEPeyo/ko/n5RniaVeUCfnST2LdXN3ljqGmkS/iI5GKWRFbnc | ||
| lk9TOKcPO3AeylKhlic7qHxwfxAbKFzfBze5lMLK1/BvUOt0P0Tyw8ktkFW9ujQR | ||
| t2g7n47y2BmUnLN9xLY86oNeJd65qW86iYxkxEEjr+uF0b4mRDTMNyfz/nkM5y3o | ||
| gq5HzKFxkPYDOMNfubgcqdvZ45ACiw+oQARSyCSDbph71qckpuIs0s7AMYx7W9B+ | ||
| qrpKaCWWq5VFrtlIY7uM/kX3ibQ6SqMsF7VcQqKuwQOKTnxdYwTCcnmCSRdNoQEb | ||
| TRIUGDApCb3+GRXNacvOLeiWSjxbNVM56Xy3WTWWnNun6ClKAy86EPVJ4wORLa8/ | ||
| z2W8pjAFFOM52dI6qKIbKimP | ||
| -----END CERTIFICATE----- |
26 changes: 26 additions & 0 deletions
26
nginx-ingress/hands-on/authentication/client-certs/certs/client.csr
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| -----BEGIN CERTIFICATE REQUEST----- | ||
| MIIEVjCCAj4CAQAwETEPMA0GA1UEAwwGQW52ZXNoMIICIjANBgkqhkiG9w0BAQEF | ||
| AAOCAg8AMIICCgKCAgEAzSdgkIT+JTvTkIyo8RVgSegy2g/7/A6y9jGV4zhlgoTr | ||
| VpRLSxps71c/UuiWZJ5gFfP9Z/poEJu0SQ3rmcr5ve2tNF2OD23ZECSSbfCXMeLj | ||
| yUXLef+vVvxCOqx0xs7DiRr6BNHjEsFZacq1ZwtgXa8PeAg4QpMoqJF4NwGRYzOY | ||
| 6hhFwQqTQNHO9OQRcRPEPt1FUefl0oRe3+LJ7om3ATUVx8hdRWerbFCwWm9KWoMk | ||
| F94D8t+fJdeUTzUKqrK8G1vJBBITJTj05RmeafVVofazqBjXBgZ+P4oD5JPIeJUi | ||
| m+rK4iq3UqC6kOh+qaDx6gyQF407HVuZTu7QtLyAvn69Q0KGigB7CpuERRJYpN+L | ||
| Wv4RRJ063ropKM15xcZiXcSREVmn9rVrPiXdG2Z8cP3be1aMW7Sken3rMp3RHtyc | ||
| IR9t0ABkdPsY0VXxLWgoUYduDAHivP8KsxbGd6csPlq2+w5X/mhqUU10b1xIfJt8 | ||
| lq1CUKClFEFcBYSTJSzUNJ0enVx3xeTT2e7QeM0p9Y7H9CAvBIvo+b2eZRnO0aQM | ||
| U3sXsUIH34zunNq9TjqyHW5yH9YFCc8fhRB86k9H9xnE+jBfY2ygF4Rp1SO61LT3 | ||
| 2pUHGoWADMdLFjhkyDPP3kc8426ZpjLx1NblWugy9tbriHdzWcEDt8ROkAEMoR0C | ||
| AwEAAaAAMA0GCSqGSIb3DQEBCwUAA4ICAQCPt5TV0oWkYlahGtrpv5+KRo/BoIQe | ||
| CV43vkbINe+XVBvlrtCTg5Oj7WDpVQpvD1uizXUqjSfu7hLoFGwaHEW8yazvQ5yC | ||
| rjju8qU20wDM4NtUSGN3yu0Kr9dsw/GmfA445qERQvd45kd5cDF87lc1WlNVwuIj | ||
| J5ZpKVWspMVyJlFMiYgc6ytTzUXIGBC1qcH3/OyPtT8sY0FZC5LeelCrxt/zsOSj | ||
| ILog0ZBqYZPRKfD+9sZlrgEGLch4jxMqlqRmqP2SdAoqqfAwxDUDICTMkwo1So9N | ||
| M+PdBiZ9XgZxwLEzMMcJme6bDZ8U6/2/LMIGVLoKMmBdtZrs6dxmFxqnIAmbaGuo | ||
| FF/nK7j4k3lTcnlK6QrZVOwYhJu8UTfzvAGSmlw7nw1Xaxe2edrfCQN8/A5G+oWI | ||
| KsVeVgxOisz3kT33GBpjK1cuTydp6xQQBwaK9vYrGPqbN55KoQ/zVWQr1OHaF6Yy | ||
| wSkrDh00AedNmrFOkBtqveqflYZ0NADVyAQwQnanrjY/be5BITo7sY3gIVpT4+h8 | ||
| 3OCjPugVXSmF7tW2uSVnTrFAodwJc2slQ8ZrDUbw0/i0TEs2dFlv3D5UYuKBLh59 | ||
| E+qkYshE5NwQu2ctAI08AghvzEW6lQVNowVl7nfgVjCdU1q74DJ3+8r/rpMhz8pP | ||
| U9hXnb356FxBWQ== | ||
| -----END CERTIFICATE REQUEST----- |
52 changes: 52 additions & 0 deletions
52
nginx-ingress/hands-on/authentication/client-certs/certs/client.key
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| -----BEGIN PRIVATE KEY----- | ||
| MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDNJ2CQhP4lO9OQ | ||
| jKjxFWBJ6DLaD/v8DrL2MZXjOGWChOtWlEtLGmzvVz9S6JZknmAV8/1n+mgQm7RJ | ||
| DeuZyvm97a00XY4PbdkQJJJt8Jcx4uPJRct5/69W/EI6rHTGzsOJGvoE0eMSwVlp | ||
| yrVnC2Bdrw94CDhCkyiokXg3AZFjM5jqGEXBCpNA0c705BFxE8Q+3UVR5+XShF7f | ||
| 4snuibcBNRXHyF1FZ6tsULBab0pagyQX3gPy358l15RPNQqqsrwbW8kEEhMlOPTl | ||
| GZ5p9VWh9rOoGNcGBn4/igPkk8h4lSKb6sriKrdSoLqQ6H6poPHqDJAXjTsdW5lO | ||
| 7tC0vIC+fr1DQoaKAHsKm4RFElik34ta/hFEnTreuikozXnFxmJdxJERWaf2tWs+ | ||
| Jd0bZnxw/dt7VoxbtKR6fesyndEe3JwhH23QAGR0+xjRVfEtaChRh24MAeK8/wqz | ||
| FsZ3pyw+Wrb7Dlf+aGpRTXRvXEh8m3yWrUJQoKUUQVwFhJMlLNQ0nR6dXHfF5NPZ | ||
| 7tB4zSn1jsf0IC8Ei+j5vZ5lGc7RpAxTexexQgffjO6c2r1OOrIdbnIf1gUJzx+F | ||
| EHzqT0f3GcT6MF9jbKAXhGnVI7rUtPfalQcahYAMx0sWOGTIM8/eRzzjbpmmMvHU | ||
| 1uVa6DL21uuId3NZwQO3xE6QAQyhHQIDAQABAoICABtLaTjmbicSBfHYullo7f38 | ||
| m1dmgltksUFkE3xpnR0iW2qSIaUFB7KdjwU+1f4zvAuaV1VQJtb0Kvuqkx/2YLJ4 | ||
| 6W8Vdg3DdaUE2J6GlfcYfWnik/x6nMob7HaAn1YcCD6ON5ll5f+Gze3vVEyODOzU | ||
| mmBD57L5KpL9glr/Jb1nDf8x6jCRcZ9RdWbLjoPW4hM4aT1JIctCZUUFmAwuh7SX | ||
| atBrw00Kn+9cmjn4ozyA73plcBe40iRnbDSllUe6A/Y33foMAD7BjIOL8bGd5x4S | ||
| A+Znd6Q2P5xrMQgQ9BO8SSB+uoN2ChyU2dLnES23Bg3iTKwgKYScZ+dCisNLw8JX | ||
| OctIqBzhGJKu3OwgyaAQMs3f7pfjjNr1DcUeQs9Tq7zvsWaY3iFtmiTS/AkowFsZ | ||
| hOmUpKjjobVa1B54WErXrHiIUdO8kfYAThKSUqtPbv/8MpUiJ5Mkzu07s1R7NZMW | ||
| UNcf14hCm432Tvl4e3bvN3WuXW24Sja56SM8sSx8ciKUe4C3OTTSj/HiHyOyuzNO | ||
| v2dlwGnEQaUw33gLhWQzoUBiiyihaZacTE1IdZjfEw75alRJaB8P34OWl0mXXYKa | ||
| uN2pNewQnC4QeGrrb6Kcr71q6obxUf5/4nL5j623lRE9qnlY9zFR1GTbt8FjfBC/ | ||
| i4uHJj/7mqqHP7SKDdyZAoIBAQD8EW9zPKbaJHIATmZ7o1tv0SUHP/zmGZYZjybq | ||
| UbmcHKMOlRxihAlW/VAZfzaHSwJ44sGbP0I0jytQGg5roaG9z6s3r9Z+9Bu0mwo2 | ||
| IasgJwnYH2KhP/0bxkxiZ7MDE/zzKtMOpTqz68ygseqbILUXy5L/ezKP4TnMR9Bv | ||
| ZViJuEu3aO4GuXe5w06787BNTIkVrjLhjSSoAoSGpXO6LJpg3f4ihsdqDwlJDGVo | ||
| ysU7LGsQCMFXTRaJhI5LdmuMtxZfhqMhlBsDVOFf7CtPrtVCE6+IBCYCLLtpWG/C | ||
| ESjWmVgT4Mzw+WJM1UBz3wogLQJLlK2dsAJvhp6lnBBVy0yDAoIBAQDQWppANJro | ||
| e6Kp+va2K3clOaueGOeCEHmQPIod9PkgLi8wZ9s38im9r5sGLQjiH67cWMJgZTpL | ||
| 9h6aCLENSXKDNepw/+Bhnxe8ZiqLmpLgX+AlTGQk+ZP5NPTi+jbk+pLVOBrnXnB+ | ||
| nTtRYipXbojcErzFCZsMtx7SzNkr1TH/ykxAzTxR8sy8guXXSazTl8zVkFh5QpYF | ||
| MTSHdVL++jTOKvxkG7F5pD1/mELahYf67LC69JBlLtM6/81ZbKmqTUC1XaBqn/z/ | ||
| xEDAdPOax0s/OhKVnZvAlQfpZle845YRowPIBxwV6RbepJ0nA6kFUtAhNDK28tT7 | ||
| zAiaPMptPCnfAoIBAHLlu6iKf/+1VyWelwZKexZn/fnlB/EWvp2d6/4pDHMFdqnh | ||
| /BNH3j4Br24/12oqHdFegyOx3Qq6K+MSTXpwLZqou4Hhq+MogCx981SjWi6IvOr/ | ||
| u2SHF2d+pzi/zhBcHxP0dEobtLtog1jIYIkfioxzJelAjdaZsk/UeEUerBHyqMjM | ||
| kpsMFW/ef9gah0Vk2qPASL8ZKBlRNHlvl2XIiQIYjovMZb+JZREgDmWK8AY+A/tG | ||
| EmMp51j9zCLHstRsbE1UwK1ApmOJYEXqD//9UIYTFRLp2S1qmG63ehG64qOXOFev | ||
| Q5ugAVfGaN+oTiRGf+JVviG/pgySD2Sr06JXzeMCggEANYjCD3M0xj1WK0SvdVkv | ||
| sOHjhaiye0nOYlAb0Nyr0ifrug1FV1eif/mJ5IlXufoYDMfFkc0QsInZjQxkqZxQ | ||
| jwQga85jEdI14BOEJQCfcoVP62V4acOy0JpZvaQ6zJTRe3WB/CbY0r+FiUCmznY5 | ||
| NgqedCYmr5qxkcpOlqOdyDJra08Qi6HOFzWu5qUogemEGO+Qu/9u2oCtFY0AuUEC | ||
| pmKHHRW8gRvBLXKq4sjiioecVT0XiNgCMCuf0LVJ1tcopDEdUagv8muzk3+5Q/Cn | ||
| FeTO96Bab54bPU4thvwXCAsRoqio/7w3QxeaxXZ8TEDd91oZGcbFELl5EGBERtLp | ||
| kwKCAQEA7ZwQeIBci8ifJlok3CQHbEqiTNOgdco0OgqTW9RY9eZ9qu0iuMGVdBf2 | ||
| y7ccIfDXIynciZCDeBlQAUtT8pvab6lzF0ikxTXrnDTv5u6ULW7CawFX77CptOoV | ||
| /x8vFIQC1hAQAwFobfWX8QXnojli+BGkP/8wi8bqT3a/MmZFuEAv/lFW4i4hOLoL | ||
| RkG251ulrP+4LA+7k4sA8TP77Y6CqyKtCWUtsC2pWpTTUY2Bc/nXWG2aiDVGj8rA | ||
| lfatAuGN7bcAXE4ATJUDF5sHmIuQYcYMLUMKxrG8//jgVV8C4/O591MUCJGMrFTB | ||
| q9ZdGTF/p3ArGNb/qLUdNy4yVezmJg== | ||
| -----END PRIVATE KEY----- |
Oops, something went wrong.