I’m trying to configure x509 auth on deployed kubernetes w RBAC via Rancher (1.6.9).
We need isolated from Rancher-server role-based auth for our new users.
I’v tried to configure x509 certificate authentication with this tutorial https://docs.bitnami.com/kubernetes/how-to/configure-rbac-in-your-kubernetes-cluster/, with no luck. Although I’v managed to configure x509 auth on my kubeadm lab
So, i think that problem is in the --client-ca-file=ca.pem cert that issued by cattle.
And i can’t sign user self-signed certif- icate with this ca.pem cause i can’t find key for it (in /etc/kubernetes/ssl/ dir i have cert.pem+key.pem for kubernetes and ca.pem for cattle).
So, my question is - where i can find key for ca.pem
maybe i should consider other options for authentication in my case?
I have the same problem. Any workaround ?
Thanks a lot