FAQ

A collection of common issues and how to debug / resolve the same.

Certificate related

  • How to compare if a given pem certificate is associated with a URL endpoint?

    Run the two commands below and see if the hash generated match.

    openssl x509 -in cert.pem -pubkey -noout | openssl md5

    openssl s_client -connect $UNAMESPACE.makelabs.in:443 -showcerts /dev/null | openssl x509 -pubkey -noout | openssl md5

  • I have a secret that contains JKS. How to get it to local file system?

    kubectl get secret elastic-jks -n $UNAMESPACE -o jsonpath='{.data.externaldb\.jks}' | base64 --decode > my-local-keystore.jks

  • How to list certificates in a given JKS?

    keytool -list -v -keystore my-local-keystore.jks -storepass keystore-password-here

  • How to get certificates for a given endpoint?

    openssl s_client -connect cep_api_config_gw_an_gateway_dev:443 -showcerts

Kubernetes Entity related

  • How to check the status of Ingress object?

    kubectl describe ingress ${UNAMESPACE}-ingress-keycloak -n ${UNAMESPACE}

    This shows:
      Hostnames
      Paths
      Backend services
      Events (errors, provisioning issues)
      Assigned IP/Load Balancer