Secret Type - CERTJKS
Last updated 10 months ago
The CERTJKS-Type is the same as the CERT-Type. The only difference is that it converts the saved Certificate into a Java Key Store.
First please read the part of CERT-TYPE, because the Vault-CRD expects the Certificate in a specific format.
After this you can create the following Vault resource in Kubernetes:
apiVersion: "koudingspawn.de/v1"kind: Vaultmetadata:name: test-certjksspec:path: "secret/test-url.example.com"type: "CERTJKS"
This will generate the Vault resource and also the secret:
$ kubectl get vault test-certjksNAME AGEtest-certjks 8d
$ kubectl get secret test-certjksNAME TYPE DATA AGEtest-certjks Opaque 1 8d
By default the Key Store is saved in the key.jks path. You can change it with the jksConfiguration as described in PKIJKS.