Kubernetes cluster on Amazon Elastic Kubernetes Service certificate considerations
Running a Kubernetes cluster on Amazon Elastic Kubernetes Service (EKS) requires you to manually copy the cluster root certificate authority and import to the
PowerProtect Data Manager trust store. Perform the following steps:
From the Kubernetes node, retrieve the cluster root certificate by running the following command:
aws eks
describe-cluster --region
region --name
Kubernetes cluster name --query "cluster.certificateAuthority.data" --output
certificate file name
Copy the certificate to the
PowerProtect Data Manager server.
As an administrator on the
PowerProtect Data Manager server, import the certificate to the
PowerProtect Data Manager trust store by running the following command:
ppdmtool -importcert -alias
certificate alias -file
file with certificate -type
BASE64|PEM
Where:
i or
importcert imports the certificate.
a or
aliascertificate alias is used to specify the alias of the certificate.
f or
filefile with certificate is used to specify the file with the certificate.
t or
typeBASE64|PEM is used to specify the certificate type. The default type is PEM.
NOTE Since the root certificate is a text file, specify BASE64 format for the
type input, as shown in the following example.
Sample command to import certificate to
PowerProtect Data Manager trust store
ppdmtool -i -a eks.ap-south-1.amazonaws.com -f aws-certificate.txt -t BASE64
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\