OpenShift Node TLS Bootstrapping

Updated -

When deploying a new cluster or scaling up additional nodes each node requires a valid client and server certificate.

In releases 3.9 and earlier these certificates were generated by openshift-ansible and distributed to nodes.

In 3.10 and above, nodes generate a client certificate signing request (CSR) using a time limited bootstrap credential. Once the client CSR is approved eit...

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In