Difference between revisions of "Kubectl get certificates"
Jump to navigation
Jump to search
(12 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
{{lc}} | {{lc}} | ||
+ | [[kubectl get]] certificate | ||
+ | [[kubectl get]] [[certificaterequest]] | ||
+ | [[kubectl get]] certificatesigningrequest | ||
− | kubectl get certificates | + | |
+ | [[kubectl get]] certificates | ||
NAME READY SECRET AGE | NAME READY SECRET AGE | ||
your-prod-admin-tls-cert False your-prod-admin-tls-cert 21h | your-prod-admin-tls-cert False your-prod-admin-tls-cert 21h | ||
your-prod-ssl-certificate False your-prod-ssl-certificate 21h | your-prod-ssl-certificate False your-prod-ssl-certificate 21h | ||
− | + | kubectl get certificate your-certname -o yaml | |
+ | kubectl get certificate your-certname -o yaml | grep reason | ||
+ | |||
+ | k get certificate -A | ||
+ | NAMESPACE NAME READY SECRET AGE | ||
+ | grafana [[quickstart-example-tls]] False quickstart-example-tls 101s | ||
+ | |||
+ | kubectl get certificates | ||
+ | [[error: the server doesn't have a resource type "certificates"]] | ||
Line 25: | Line 37: | ||
Events: <none> | Events: <none> | ||
.../... | .../... | ||
+ | |||
+ | == Examples == | ||
+ | |||
+ | == Examples == | ||
+ | kubectl get certificate your-certname -o yaml | ||
+ | |||
+ | apiVersion: cert-manager.io/v1 | ||
+ | kind: Certificate | ||
+ | metadata: | ||
+ | creationTimestamp: "2022-07-19T10:04:17Z" | ||
+ | generation: 1 | ||
+ | labels: | ||
+ | chart: efi-1.2.0 | ||
+ | heritage: [[Tiller]] | ||
+ | release: your-release | ||
+ | name: prod-admin-tls-cert | ||
+ | namespace: yourns | ||
+ | resourceVersion: "8072080" | ||
+ | uid: 470e7384-c120-4e08-8d2b-b7152e9521d3 | ||
+ | spec: | ||
+ | dnsNames: | ||
+ | - your-subdomain.yourdomain.com | ||
+ | issuerRef: | ||
+ | kind: ClusterIssuer | ||
+ | name: letsencrypt-clouddns-prod | ||
+ | secretName: your-secret-nae | ||
+ | status: | ||
+ | conditions: | ||
+ | - lastTransitionTime: "2022-07-19T10:04:17Z" | ||
+ | message: '[[Existing issued Secret is not up to date for spec]]: [spec.commonName | ||
+ | spec.dnsNames]' | ||
+ | reason: [[SecretMismatch]] | ||
+ | status: "False" | ||
+ | type: Ready | ||
+ | - lastTransitionTime: "2022-07-19T10:04:18Z" | ||
+ | message: Issuing certificate as Secret was previously issued by Issuer.cert-manager.io/ | ||
+ | reason: [[IncorrectIssuer]] | ||
+ | status: "True" | ||
+ | type: Issuing | ||
+ | nextPrivateKeySecretName: prod-admin-tls-cert-f6zts | ||
+ | notAfter: "2022-08-21T13:19:36Z" | ||
+ | notBefore: "2022-05-23T13:19:37Z" | ||
+ | renewalTime: "2022-07-22T13:19:36Z" | ||
+ | |||
+ | == Related == | ||
+ | * <code>[[kubectl get issuer]]</code> | ||
+ | * [[kubectl get csr]] | ||
== See also == | == See also == | ||
+ | * {{kubectl certificate}} | ||
* {{cert-manager}} | * {{cert-manager}} | ||
[[Category:K8s]] | [[Category:K8s]] |
Latest revision as of 12:50, 14 February 2024
kubectl get certificate kubectl get certificaterequest kubectl get certificatesigningrequest
kubectl get certificates NAME READY SECRET AGE your-prod-admin-tls-cert False your-prod-admin-tls-cert 21h your-prod-ssl-certificate False your-prod-ssl-certificate 21h
kubectl get certificate your-certname -o yaml kubectl get certificate your-certname -o yaml | grep reason
k get certificate -A NAMESPACE NAME READY SECRET AGE grafana quickstart-example-tls False quickstart-example-tls 101s
kubectl get certificates error: the server doesn't have a resource type "certificates"
.../... Status: Conditions: Last Transition Time: 2012-07-13T13:34:16Z Message: Issuing certificate as Secret does not exist Reason: DoesNotExist Status: False Type: Ready Last Transition Time: 2012-07-13T13:34:16Z Message: Issuing certificate as Secret does not exist Reason: DoesNotExist Status: True Type: Issuing Next Private Key Secret Name: yourprod-admin-tls-cert-trkl Events: <none> .../...
Contents
Examples[edit]
Examples[edit]
kubectl get certificate your-certname -o yaml apiVersion: cert-manager.io/v1 kind: Certificate metadata: creationTimestamp: "2022-07-19T10:04:17Z" generation: 1 labels: chart: efi-1.2.0 heritage: Tiller release: your-release name: prod-admin-tls-cert namespace: yourns resourceVersion: "8072080" uid: 470e7384-c120-4e08-8d2b-b7152e9521d3 spec: dnsNames: - your-subdomain.yourdomain.com issuerRef: kind: ClusterIssuer name: letsencrypt-clouddns-prod secretName: your-secret-nae status: conditions: - lastTransitionTime: "2022-07-19T10:04:17Z" message: 'Existing issued Secret is not up to date for spec: [spec.commonName spec.dnsNames]' reason: SecretMismatch status: "False" type: Ready - lastTransitionTime: "2022-07-19T10:04:18Z" message: Issuing certificate as Secret was previously issued by Issuer.cert-manager.io/ reason: IncorrectIssuer status: "True" type: Issuing nextPrivateKeySecretName: prod-admin-tls-cert-f6zts notAfter: "2022-08-21T13:19:36Z" notBefore: "2022-05-23T13:19:37Z" renewalTime: "2022-07-22T13:19:36Z"
Related[edit]
See also[edit]
Advertising: