Difference between revisions of "Kubectl get certificates"

From wikieduonline
Jump to navigation Jump to search
 
(12 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
{{lc}}
 
{{lc}}
 +
  [[kubectl get]] certificate
 +
  [[kubectl get]] [[certificaterequest]]
 +
  [[kubectl get]] certificatesigningrequest
  
  kubectl get certificates
+
 
 +
  [[kubectl get]] certificates
 
  NAME                        READY  SECRET                AGE
 
  NAME                        READY  SECRET                AGE
 
  your-prod-admin-tls-cert    False  your-prod-admin-tls-cert    21h
 
  your-prod-admin-tls-cert    False  your-prod-admin-tls-cert    21h
 
  your-prod-ssl-certificate  False  your-prod-ssl-certificate  21h
 
  your-prod-ssl-certificate  False  your-prod-ssl-certificate  21h
  
  [[kubectl describe certificate]] your-prod-admin-tls-cert
+
  kubectl get certificate your-certname -o yaml
 +
kubectl get certificate your-certname -o yaml | grep reason
 +
 
 +
k get certificate -A
 +
NAMESPACE  NAME                    READY  SECRET                  AGE
 +
grafana    [[quickstart-example-tls]]  False  quickstart-example-tls  101s
 +
 
 +
kubectl get certificates
 +
[[error: the server doesn't have a resource type "certificates"]]
  
  
Line 25: Line 37:
 
  Events:                          <none>
 
  Events:                          <none>
 
  .../...
 
  .../...
 +
 +
== Examples ==
 +
 +
== Examples ==
 +
kubectl get certificate your-certname -o yaml
 +
 
 +
apiVersion: cert-manager.io/v1
 +
kind: Certificate
 +
metadata:
 +
  creationTimestamp: "2022-07-19T10:04:17Z"
 +
  generation: 1
 +
  labels:
 +
    chart: efi-1.2.0
 +
    heritage: [[Tiller]]
 +
    release: your-release
 +
  name: prod-admin-tls-cert
 +
  namespace: yourns
 +
  resourceVersion: "8072080"
 +
  uid: 470e7384-c120-4e08-8d2b-b7152e9521d3
 +
spec:
 +
  dnsNames:
 +
  - your-subdomain.yourdomain.com
 +
  issuerRef:
 +
    kind: ClusterIssuer
 +
    name: letsencrypt-clouddns-prod
 +
  secretName: your-secret-nae
 +
status:
 +
  conditions:
 +
  - lastTransitionTime: "2022-07-19T10:04:17Z"
 +
    message: '[[Existing issued Secret is not up to date for spec]]: [spec.commonName
 +
      spec.dnsNames]'
 +
    reason: [[SecretMismatch]]
 +
    status: "False"
 +
    type: Ready
 +
  - lastTransitionTime: "2022-07-19T10:04:18Z"
 +
    message: Issuing certificate as Secret was previously issued by Issuer.cert-manager.io/
 +
    reason: [[IncorrectIssuer]]
 +
    status: "True"
 +
    type: Issuing
 +
  nextPrivateKeySecretName: prod-admin-tls-cert-f6zts
 +
  notAfter: "2022-08-21T13:19:36Z"
 +
  notBefore: "2022-05-23T13:19:37Z"
 +
  renewalTime: "2022-07-22T13:19:36Z"
 +
 +
== Related ==
 +
* <code>[[kubectl get issuer]]</code>
 +
* [[kubectl get csr]]
  
 
== See also ==
 
== See also ==
 +
* {{kubectl certificate}}
 
* {{cert-manager}}
 
* {{cert-manager}}
  
 
[[Category:K8s]]
 
[[Category:K8s]]

Latest revision as of 12:50, 14 February 2024

 kubectl get certificate
 kubectl get certificaterequest
 kubectl get certificatesigningrequest


kubectl get certificates
NAME                        READY   SECRET                 AGE
your-prod-admin-tls-cert    False   your-prod-admin-tls-cert    21h
your-prod-ssl-certificate   False   your-prod-ssl-certificate   21h
kubectl get certificate your-certname -o yaml 
kubectl get certificate your-certname -o yaml | grep reason
k get certificate -A
NAMESPACE   NAME                     READY   SECRET                   AGE
grafana     quickstart-example-tls   False   quickstart-example-tls   101s
kubectl get certificates
error: the server doesn't have a resource type "certificates"


.../...
Status:
  Conditions:
    Last Transition Time:        2012-07-13T13:34:16Z
    Message:                     Issuing certificate as Secret does not exist
    Reason:                      DoesNotExist
    Status:                      False
    Type:                        Ready
    Last Transition Time:        2012-07-13T13:34:16Z
    Message:                     Issuing certificate as Secret does not exist
    Reason:                      DoesNotExist
    Status:                      True
    Type:                        Issuing
  Next Private Key Secret Name:  yourprod-admin-tls-cert-trkl
Events:                          <none>
.../...

Examples[edit]

Examples[edit]

kubectl get certificate your-certname -o yaml
 
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  creationTimestamp: "2022-07-19T10:04:17Z"
  generation: 1
  labels:
    chart: efi-1.2.0
    heritage: Tiller
    release: your-release
  name: prod-admin-tls-cert
  namespace: yourns
  resourceVersion: "8072080"
  uid: 470e7384-c120-4e08-8d2b-b7152e9521d3
spec:
  dnsNames:
  - your-subdomain.yourdomain.com
  issuerRef:
    kind: ClusterIssuer
    name: letsencrypt-clouddns-prod
  secretName: your-secret-nae
status:
  conditions:
  - lastTransitionTime: "2022-07-19T10:04:17Z"
    message: 'Existing issued Secret is not up to date for spec: [spec.commonName
      spec.dnsNames]'
    reason: SecretMismatch
    status: "False"
    type: Ready
  - lastTransitionTime: "2022-07-19T10:04:18Z"
    message: Issuing certificate as Secret was previously issued by Issuer.cert-manager.io/
    reason: IncorrectIssuer
    status: "True"
    type: Issuing
  nextPrivateKeySecretName: prod-admin-tls-cert-f6zts
  notAfter: "2022-08-21T13:19:36Z"
  notBefore: "2022-05-23T13:19:37Z"
  renewalTime: "2022-07-22T13:19:36Z"

Related[edit]

See also[edit]

Advertising: