How To
Summary
CP4S stores the certificates as a secret in the CP4S namespace in order to review or check certificates the steps provided in this document cover how to decode and check both certificates.
Steps
Decode the CA certs.
oc extract secret/icp-management-ingress-tls-secret -n <cp4s namespace> --keys ca.crt --to - | openssl x509 -noout -text
Or
oc get secret icp-management-ingress-tls-secret -o jsonpath="{.data['ca\.crt']}" | base64 --decode | openssl x509 -noout -text
Decode common-services certificates.
oc extract secret/cs-ca-certificate-secret -n ibm-common-services --keys tls.crt --to - | openssl x509 -noout -text
Or
oc get secret -n ibm-common-services cs-ca-certificate-secret -o jsonpath="{.data['tls\.crt']}" | base64 --decode | openssl x509 -noout -text
Sample output:
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
92:h8:ed:01:be:90:ce:10:de:7b:9e:0f:9d:5b:21:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: O = <ISSUER>, CN = <COMMON NAME>
Validity
Not Before: Sep 30 01:45:28 2021 GMT
Not After : Sep 30 01:45:28 2023 GMT
Subject: O = <ISSUER>, CN = <COMMON NAME>
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7j:k0:35:10:c6:5b:fd:b1:a5:af:61:37:79:
continues .......
Related Information
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSTDPP","label":"IBM Cloud Pak for Security"},"ARM Category":[{"code":"a8m0z000000Xat9AAC","label":"Documentation"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
25 January 2022
UID
ibm16550494