0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

KubernetesのKubeconfigからCertのexpiration dateを確認する

Last updated at Posted at 2024-02-20

毎回忘れてしまうので。

まず、こんな感じでkubeconfigがあると、certificate-authority-dataにSSLの証明書のpemファイルがbase64でエンコードされている。

$ cat kubeconfig 
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURRRENDQWlpZ0F3SUJBZ0lJTjVUdTRXdVdkSVV3RFFZSktvWklodmNOQVFFTEJRQXdQakVTTUJBR0ExVUUKQ3hNSmIzQmxibk5vYVdaME1TZ3dKZ1lEVlFRREV4OXJkV0psTFdGd2FYTmxjblpsY2kxc2IyTmhiR2h2YzNRdApjMmxuYm1WeU1CNFhEVEkwTURJeU1EQTBOVFV6TjFvWERUTTBNREl4TnpBME5UVXpOMW93UGpFU01CQUdBMVVFCkN4TUpiM0JsYm5Ob2FXWjBNU2d3SmdZRFZRUURFeDlyZFdKbExXRndhWE5sY25abGNpMXNiMk5oYkdodmMzUXQKYzJsbmJtVnlNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQTFDT2tDbTVzL1poaQpDVDN2SVdUTXBremlkOEpCZ2hkbUZ3TnBKaFR0OXQ3d2ZYZzVpTEgvdTRHeHkrZ3pVRW9HT2RJS0g3RnA2ZStzCmJSSGVUelIvOWk2blNTSnV1Qkh3WmY1d2RKak9Ec0xnWUppUjJYbk1WbmFPZURTMFlrczZzS0ZvOUpWTitPWk8KUHlvVUxSSnJ3RzVkejZDdm1aRmhza2M2bTBIdlBhNzBhWlNKZjdEdS84MEQ0L3EyN1ZWeFhiYkQ1N3JyTVJJcwpQbEVjdDNoRnNNcHNQdmljV3VNaVVpUGdHS2RJd05vK25xR3VRNWdQRXZveW5MUjRra2dPN3VLczRhWlZqT1NvCnhMZ0VHL2g5S1JUWW9KajNKSlpnRlcrTGVLcjZqbmc2ZFp1QlkwOWF6OHVMTkNoc2V6d3o5TXRxbjRwS3BwUnkKN3dqTUJzcGZjUUlEQVFBQm8wSXdRREFPQmdOVkhROEJBZjhFQkFNQ0FxUXdEd1lEVlIwVEFRSC9CQVV3QXdFQgovekFkQmdOVkhRNEVGZ1FVbVlZTitSSUQva2JnNnBCQkJFYnM4bkRPMTRBd0RRWUpLb1pJaHZjTkFRRUxCUUFECmdnRUJBSzJXTHZiUCtHNFlPWmtPMXZXUW9qeURHOURiM1cwTVMvSkVJMzdaSWYrekhMK1BMdWQwN0tvSWc5ak0KdTlCOVk3NXVaeldNeUsweUhhTkhJc1pRMWdOV2laTGlmK2lzNXJQNmIwaGhxVS82bVFSeXVzeWFRZEc1QVJzTApHZVJtdVViakU2aGZPTFVhMEtabEpQb1lMNlZaVVBHSUxrZGprSXV4eWJsOFBxaXJwamZFOEw3OUJYSis3STgzCkluUWgwZEpCeWJSb0xFS1V2UkNHRkN1dVRkaEl2RG9SSEplQVErZHJaVXJ6NUVwV1RQOTg1cUYxMGpQTzhEZGcKY29VZjluZDJaTUxCRzRrRG51KzBCTEJRMHVGb1NJaWljVVZ3QWZsM0VDTUljbWsvUnduUko3b3p6NjRuRU1SNwpJWlUzK1NrTTYvZ1pxWnpLSE1FZ2lMdHRLbDg9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURURENDQWpTZ0F3SUJBZ0lJQng2QmtaTjFvRTB3RFFZSktvWklodmNOQVFFTEJRQXdSREVTTUJBR0ExVUUKQ3hNSmIzQmxibk5vYVdaME1TNHdMQVlEVlFRREV5VnJkV0psTFdGd2FYTmxjblpsY2kxelpYSjJhV05sTFc1bApkSGR2Y21zdGMybG5ibVZ5TUI0WERUSTBNREl5TURBME5UVXpPRm9YRFRNME1ESXhOekEwTlRVek9Gb3dSREVTCk1CQUdBMVVFQ3hNSmIzQmxibk5vYVdaME1TNHdMQVlEVlFRREV5VnJkV0psTFdGd2FYTmxjblpsY2kxelpYSjIKYVdObExXNWxkSGR2Y21zdGMybG5ibVZ5TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQwpBUUVBc0tzSStrNjByOXJISFJZWGRlMWRNSEszR25XdHE5aC84cWRuMk9ZZ2pmUWxVdldPajN2R1JMWVU3eEtUCmN4U0pUQ2ZXZTRiRE5STjlYNG9kbTNJV05TNlNXai9hQmRPUTg0WVh4MDk0ajBycTNJenBRaW9EL2hqQkJOcGwKN1BhZElwVUxwUzNHQmFKNnRVZVhFK0FUVWZtK00wb2Z1WllLWE40aDlwaEhZelZBSWhuZ0xFUjEvQmQvaXE2TwozSkJKOWIxeE1XdkRXVnVBNGxPN0tnUUdwZzY2OEJsQmd5UGNheE81ZDJUNHR1Y1BEdVJpU3JGMDJ1b3lOUDI0CnpRVXFmZjJEbXBiWTMyRmRSK1NCUUNSTEtaQUJZcCtwZHVMUzgzUkoySngwTHNHUFY5a3BwWkY5aHFkc0lnWHcKRXpwWUZ5T3R4SWdkektDb1BROEpGeVZLK3dJREFRQUJvMEl3UURBT0JnTlZIUThCQWY4RUJBTUNBcVF3RHdZRApWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVXk4eTRWckRwT0xaSzdUVllQbC8rL3o1QXJOWXdEUVlKCktvWklodmNOQVFFTEJRQURnZ0VCQUpzTlZXRWc0WHV4U0NQLzNGemZLUjRDendLMi9yRk5LbHBUWGRKeFNDblMKMkNaNHdTZEdrM2NsNUk1SDVOVEFjWXhoNG9SWFFqbDVEeGtiMTJwdXErUklESjg2ZUU1aXpYWC8vcFVQSDZGQgpYbWdDSjNRb0lYa0tUbmRXUzVlYzlibk1uTXlqNnVXRUFxY0lmZE1WWUV6OUxwWW5OWmpTVUVqbWxzUDIvSkZjCnNUTmhoL2k0NUpzZmUxNFlqd0dTWDBUU1ZxbmhVRERpOFNMN0ZNcTdOZS8xbUVERmlXS01oamxOVmFSZFdQN2MKOHlFS1hOanR2VkJWb04yRm5OUUl0NDE4VXRNT2llcktPYjBScTJ5SXdxSnBRazE5MTM4elRLUTJUWnd6UU1INQprQjc2ZmRQcjVtekFLRzJhLzlWRzltOExKZ3hSYUpMOG9GeGdhNDNBeXRvPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCi0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQpNSUlETWpDQ0FocWdBd0lCQWdJSU1VeGtORDNzT3JZd0RRWUpLb1pJaHZjTkFRRUxCUUF3TnpFU01CQUdBMVVFCkN4TUpiM0JsYm5Ob2FXWjBNU0V3SHdZRFZRUURFeGhyZFdKbExXRndhWE5sY25abGNpMXNZaTF6YVdkdVpYSXcKSGhjTk1qUXdNakl3TURRMU5UTTRXaGNOTXpRd01qRTNNRFExTlRNNFdqQTNNUkl3RUFZRFZRUUxFd2x2Y0dWdQpjMmhwWm5ReElUQWZCZ05WQkFNVEdHdDFZbVV0WVhCcGMyVnlkbVZ5TFd4aUxYTnBaMjVsY2pDQ0FTSXdEUVlKCktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQUtkY2hUOXVKYkJBbHcrQzlmNlB1ZUg0K1piRTJyUTQKOG10Kzh2ZnoyMHFYR2lmMDdkOW9zNlFBVHdIRFoxMFpjSDJVc0NYckF0NVNGNlhhYmRUcGRWeFIydlNpcElacgozTWx2bllxQ0p1N2VKNnpBK2ZpMHhORWpBemR1SkoxK1hGaFJhOUtBbUk0N3JVbHMreGI2YldCTWdMQ0M1dGgxCm1FRDJvYWRZZTAyZW9pNG9OOEdTTUhTVldqNHJWdDQxaDdaa3JKQmdGMVJIeVhmZ0xFWFNSQVZlRFFzc0Y1UEgKSHg2RjdGZmR4YjRiRlB4bUV4aHRCRjFZaFdjWUx3SW5oeHlkTTUvWC9JU3NNU1hJVEo4MVh6b3BaMkVVSzJGZwpuSzNHQldlTDlXU3dadDJlK3dsWjB4Tk1ia1RtYUVmMk5pdUZKdzJxVVhOWWhSUGNqOURJalZzQ0F3RUFBYU5DCk1FQXdEZ1lEVlIwUEFRSC9CQVFEQWdLa01BOEdBMVVkRXdFQi93UUZNQU1CQWY4d0hRWURWUjBPQkJZRUZEcVMKem15MkZnTWF6MGRWa2lDYXlEWTNLbjZhTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFBUTZKaUdjZUVCOW5yMgpjalhmZDJzSXlUTUJNSFZ0RnF5SEpxV3diQmVmTzJhQXZZcWdyY2JKeTR6anhaQ0ZIQ083UDlEbyt6NnlzdkgzCllqV0NQQ3lrMnRtVzRQY1I5dzQrajVMN2M0QjdKc2tYYlBhRkNOR29kOUdINE9kNkFOUnl0cm9CaENjcFZtZU8KRlF3WVBGWG0xZERTdGxGaTlnY2ZnQUJPRi8xYVBKejVVaGNPMEpkMG5zbFB4U0NQaGFmK2FFT3YrTWRFZzNnKwppKzJGdml6S1paaVBpcU1KamZlNG9hSXU1MVZESUQ3ekY3U2pTWXBQY2Y5QVNJT0p3VDNOL0UvZEFYWUFUZlJLCmFjWno0RDJBVFY3TC9XZzZMcTFOVktVZnJlSU9pUVRKYjJ3SW82bEJGeE42UVVxbWJUMjJKbWx6dkVTUXNmQWcKVWVHWWxBd0sKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
  (snip)

これをbase64でデコードする。

$ echo LS0tLS1CRUdJTiBDRVS...(snip)...0VSVElGSUNBVEUtLS0tLQo= | base64 -d > test.pem

これをopensslに-noout -subject -datesとか-enddate -nooutとかのオプションを付けて実行すればnotAfterにexpiration dateが表示される。

openssl x509 -noout -subject -dates  -in test.pem
subject=OU = openshift, CN = kube-apiserver-localhost-signer
notBefore=Feb 20 04:55:37 2024 GMT
notAfter=Feb 17 04:55:37 2034 GMT
0
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?