Vault-CRD
Search…
Secret Type - CERTJKS
The CERTJKS-Type is the same as the CERT-Type. The only difference is that it converts the saved Certificate into a Java Key Store.

How To

First please read the part of CERT-TYPE, because the Vault-CRD expects the Certificate in a specific format.
After this you can create the following Vault resource in Kubernetes:
1
apiVersion: "koudingspawn.de/v1"
2
kind: Vault
3
metadata:
4
name: test-certjks
5
spec:
6
path: "secret/test-url.example.com"
7
type: "CERTJKS"
Copied!
This will generate the Vault resource and also the secret:
1
$ kubectl get vault test-certjks
2
NAME AGE
3
test-certjks 8d
Copied!
1
$ kubectl get secret test-certjks
2
NAME TYPE DATA AGE
3
test-certjks Opaque 1 8d
Copied!
By default the Key Store is saved in the key.jks path. You can change it with the jksConfiguration as described in PKIJKS.

Change Adjustment Callback

For more details please see Change Detection!
Last modified 1yr ago