Kuberenetes 101 : OpenSSL - Creating users -

We start by creating a directory on the master node that will hold our keys and we "cd" into it.

We create a private key for Albert:

We then create a certificate sign request - CSR - using Albert's private key, we also provide the username - CN -.


We could also provide a group for Albert using the "/CO" paramater.

We then sign the CSR using the Kubernetes certificate authority
- CA - usually "/etc/kubernetes/pki/ca.crt" and "/etc/kubernetes/pki/

We sign the CSR that will be valid for 250 days:

We finally create the user in the kubeconfig for Albert using the below command:


Leave as a comment: