主页
产品
Red Hat Advanced Cluster Management for Kubernetes
2.1
安全性
2.3.2.2. 证书策略示例

2.3.2.2. 证书策略示例

当在 hub 集群上创建证书策略控制器时，会在受管集群上创建复制策略。受管集群上的证书策略可能类似以下文件：

apiVersion: policy.open-cluster-management.io/v1
kind: CertificatePolicy
metadata:
  name: certificate-policy-1
  namespace: kube-system
  label:
    category: "System-Integrity"
spec:
  namespaceSelector:
    include: ["default", "kube-*"]
    exclude: ["kube-system"]
  remediationAction: inform
  minimumDuration: 100h
  minimumCADuration: 200h
  maximumDuration: 2161h
  maximumCADuration: 43920h
  allowedSANPattern: "[[:alpha:]]"
  disallowedSANPattern: "[\\*]"

apiVersion: policy.open-cluster-management.io/v1
kind: CertificatePolicy
metadata:
  name: certificate-policy-1
  namespace: kube-system
  label:
    category: "System-Integrity"
spec:
  namespaceSelector:
    include: ["default", "kube-*"]
    exclude: ["kube-system"]
  remediationAction: inform
  minimumDuration: 100h
  minimumCADuration: 200h
  maximumDuration: 2161h
  maximumCADuration: 43920h
  allowedSANPattern: "[[:alpha:]]"
  disallowedSANPattern: "[\\*]"

Copy to Clipboard

Toggle word wrap

了解如何管理证书策略，请参阅管理证书策略以了解更多详细信息。有关更多主题，请参阅策略控制器。

返回顶部

2.3.2.2. 证书策略示例

学习

尝试、购买和销售

社区

关于红帽文档

让开源更具包容性

關於紅帽

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links