-
Feature Request
-
Resolution: Unresolved
-
Undefined
-
None
-
openshift-4.13
-
False
-
None
-
False
-
Not Selected
-
-
1. Proposed title of this feature request
Document how to manually rotate the Kubernetes API Server Certificates
2. What is the nature and description of the request?
Telco customers are requesting this information
3. Why does the customer need this? (List the business requirements here)
The telco security departments want to know what are the required steps to rotate/revoke internal cluster certs under scenarios where the keys might have been compromised.
4. List any affected packages or components.
Kubernetes APIServer Operator
Some docs can be found hereĀ
https://hackmd.io/@9iYLwDOYQlGiQJN1sY5I6g/S1kj5P_Go#Kube-API-Server-Client-Certificates
The above docs should be double-checked with the API team when working on the final docs.