expand encoded CSR block
Closed this issue · 0 comments
elmiko commented
when there are pending CSRs on a cluster it can be very useful to inspect how the certificate requests are formed. it would be nice if camgi could decode the request blocks inside of the csr before displaying.
for example, instead of seeing this:
apiVersion: certificates.k8s.io/v1
kind: CertificateSigningRequest
spec:
request: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkVEQ0J0d0lCQURCVk1SVXdFd1lEVlFRS0V3eHplWE4wWlcwNmJtOWtaWE14UERBNkJnTlZCQU1UTTNONQpjM1JsYlRwdWIyUmxPakY2ZGpKNWFEZzFMVFF6TTJWa0xXNTRaSEpzTFcxaGMzUmxjaTB4TG01dmRtRnNiMk5oCmJEQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJBSmplblNZKzR6cE03L3pYODNFUXBKV1BYYTgKTEFwYkluaTBFdzhFVVpZRlZFUXJocDk1S1pqQ1ZwdGJnelh2Sm1yQW5JSTN1Q0hEdzcrQXpWVkFFMU9nQURBSwpCZ2dxaGtqT1BRUURBZ05JQURCRkFpQjVobGltc0JXc1AyZW9ZVG0zZHdQWC8rNUp3MVg3TkZKbWg1dDJ1WG1QCnBBSWhBTmo3ME5SYmVZL1NWWHVJamVRM1c2REZTWko3c1BjU3FvREJ2bk9MVnc4RgotLS0tLUVORCBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0Kthe output would show this:
apiVersion: certificates.k8s.io/v1
kind: CertificateSigningRequest
spec:
request: |
Certificate Request:
Data:
Version: 1 (0x0)
Subject: O = system:nodes, CN = system:node:1zv2yh85-433ed-nxdrl-master-1.novalocal
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:02:63:7a:74:98:fb:8c:e9:33:bf:f3:5f:cd:c4:
42:92:56:3d:76:bc:2c:0a:5b:22:78:b4:13:0f:04:
51:96:05:54:44:2b:86:9f:79:29:98:c2:56:9b:5b:
83:35:ef:26:6a:c0:9c:82:37:b8:21:c3:c3:bf:80:
cd:55:40:13:53
ASN1 OID: prime256v1
NIST CURVE: P-256
Attributes:
a0:00
Signature Algorithm: ecdsa-with-SHA256
30:45:02:20:79:86:58:a6:b0:15:ac:3f:67:a8:61:39:b7:77:
03:d7:ff:ee:49:c3:55:fb:34:52:66:87:9b:76:b9:79:8f:a4:
02:21:00:d8:fb:d0:d4:5b:79:8f:d2:55:7b:88:8d:e4:37:5b:
a0:c5:49:92:7b:b0:f7:12:aa:80:c1:be:73:8b:57:0f:05