kainlite · April 28, 2019 21:34
diff --git a/snippet.sh b/snippet.sh
 # For this to work we need to enable the path /secret with kv version 1
 vault secrets enable -path=secret -version=1 kv

 # Then create a separate certificate for our client (Important in case we need or want to revoke it later)
 $ consul tls cert create -client -additional-dnsname vault
 ==> Using consul-agent-ca.pem and consul-agent-ca-key.pem
 ==> Saved dc1-client-consul-1.pem
 ==> Saved dc1-client-consul-1-key.pem

 # And store the certs as a kubernetes secrets so our pod can use them
 $ kubectl create secret generic myapp \
  --from-file=certs/consul-agent-ca.pem \
  --from-file=certs/dc1-client-consul-1.pem \
  --from-file=certs/dc1-client-consul-1-key.pem
	# For this to work we need to enable the path /secret with kv version 1
	vault secrets enable -path=secret -version=1 kv

	# Then create a separate certificate for our client (Important in case we need or want to revoke it later)
	$ consul tls cert create -client -additional-dnsname vault
	==> Using consul-agent-ca.pem and consul-agent-ca-key.pem
	==> Saved dc1-client-consul-1.pem
	==> Saved dc1-client-consul-1-key.pem

	# And store the certs as a kubernetes secrets so our pod can use them
	$ kubectl create secret generic myapp \
	--from-file=certs/consul-agent-ca.pem \
	--from-file=certs/dc1-client-consul-1.pem \
	--from-file=certs/dc1-client-consul-1-key.pem
No results found