Uid: ac23136b-4b51-4df1-b732-cff0195fff6bĮxisting secrets can be decoded using the base64 command after retrieving them with kubectl: # Read back the encoded secret using a jsonpath $ kubectl create secret generic -from-literal=api-key=SuperSecret123! api-secrets For example, creating and reading back a secret shows that the value of the secret is Base64-encoded: # Create a secret A Kubernetes secret contains key/value pairs where the value is Base64-encoded. $ openssl x509 -inform der -in -noout -datesĪnother common use for Base64 encoding is Kubernetes secrets. # Confirm that OpenSSL can inspect the decoded certificate file # Confirm that the decoded file and the original binary file are the same $ tail -n +2 | head -n -1 | base64 -di > You can see that it is exactly the same as the binary file that was saved using OpenSSL earlier: # Decode the certificate and save it to The Base64-encoded PEM certificate can then be decoded using the base64 command. NTk1OVowgcoxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYBīAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQITCERlbGF3YXJlMRAwDgYDVQQFĮwcyOTQ1NDM2MQswCQYDVQQGEwJVUzEXMBUGA1UECBMOTm9ydGggQ2Fyb2xpbmExĮDAOBgNVBAcTB1JhbGVpZ2gxFjAUBgNVBAoTDVJlZCBIYXQsIEluYy4xFzAVBgNVīAMTDnd3dy5yZWRoYXQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTIxMTIwMTAwMDAwMFoXDTIyMTIwMTIz MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3ĭ3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk MIIHNjCCBh6gAwIBAgIQCVe4E0h49mzI0NcSqMy1+jANBgkqhkiG9w0BAQsFADB1 # Confirm that the PEM encoded certificate contains printable, Base64 encoded data $ echo | openssl s_client -connect 2>/dev/null | openssl x509 -outform der -out # Download the certificate in binary DER format $ echo | openssl s_client -connect 2>/dev/null | openssl x509 -outform pem -out To see this in action, you can obtain the PEM-encoded certificate and the binary DER certificate for : # Download the certificate in Base64 encoded PEM format A PEM certificate can be converted to its binary Distinguished Encoding Rules (DER) equivalent by decoding the Base64-encoded data. The Base64-encoded certificate structure is commonly referred to as the Privacy Enhanced Mail (PEM) format, but a certificate is fundamentally binary data. If you have worked with the OpenSSL tool, you have seen several examples of Base64-encoded certificates. One of the most common use cases is certificate encoding. Knowing how to recognize, encode, and decode Base64 is valuable due to its prevalence as an encoding approach. Using Base64 encoding may seem esoteric, but there are many common scenarios where you will encounter Base64 in systems administration. How well do you know Linux? Take a quiz and get a badge.Linux system administration skills assessment.A guide to installing applications on Linux.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |