kubernetes
/
minikube
mirror of https://github.com/kubernetes/minikube.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Issue certificates with NotBefore set 1 day prior to avoid drift/timezone issues in VM

pull/2838/head
Ivan Hamilton 2018-05-22 09:32:19 +10:00 committed by dlorenc
parent 902e49688f
commit 4bdba1f20b
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/util/crypto.go
View File

@ -44,7 +44,7 @@ func GenerateCACert(certPath, keyPath string, name string) error {
Subject: pkix.Name{
CommonName: name,
},
NotBefore: time.Now(),
NotBefore: time.Now().Add(time.Hour * -24),
NotAfter: time.Now().Add(time.Hour * 24 * 365 * 10),
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
@ -92,7 +92,7 @@ func GenerateSignedCert(certPath, keyPath, cn string, ips []net.IP, alternateDNS
CommonName: cn,
Organization: []string{"system:masters"},
},
NotBefore: time.Now(),
NotBefore: time.Now().Add(time.Hour * -24),
NotAfter: time.Now().Add(time.Hour * 24 * 365),
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,