Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: SHA256-RSA replace SHA1-RSA #349

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix: SHA256-RSA replace SHA1-RSA #349

wants to merge 1 commit into from

Conversation

zsnmwy
Copy link
Member

@zsnmwy zsnmwy commented Jun 6, 2022
edited

What type of PR is this?

fix: SHA256-RSA replace SHA1-RSA

# zsnmwy @ zsnmwys in ~/code/go/src/github.com/zsnmwy/crane/crane on git:345-crane-agent-pod-crashing-with-kind-k8s-124 o [21:36:00] 
$ cat deploy/keys/ca.crt | openssl x509 -text -noout
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:81:9d:43:41:3f:ec:95:de:ba:7e:3d:b4:cc:86:eb:8e:bc:bf:33
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN = crane
        Validity
            Not Before: Jun  6 13:19:06 2022 GMT
            Not After : Jun  3 13:19:06 2032 GMT
        Subject: CN = crane
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:98:70:3d:80:c8:e5:65:c3:2c:43:b6:cd:16:
                    f2:b4:01:d9:10:da:71:ac:3e:33:e6:3f:80:e6:d1:
                    a1:70:49:77:58:18:ce:e2:ab:bf:96:1b:a0:f4:a6:
                    5a:85:df:47:92:c8:87:d4:3c:77:fe:a2:91:b1:56:
                    d9:b0:ed:a6:88:01:f2:ae:11:74:60:4c:52:6c:91:
                    29:7a:f0:e4:7b:cb:2a:20:0f:b6:3b:32:d4:84:48:
                    58:db:6b:70:3e:03:50:09:67:e4:11:59:7c:3a:34:
                    89:65:ae:71:c2:61:10:e7:70:e6:28:63:0e:07:31:
                    f3:3d:62:a3:62:9f:b7:4f:fc:f3:e6:af:00:6a:68:
                    8c:ee:e5:c8:5b:38:2f:ef:21:fc:c4:9c:dc:f3:13:
                    ba:c0:01:bc:f2:ec:dc:05:e6:01:aa:f4:5b:f9:f4:
                    67:67:f4:5d:3f:8e:4e:ec:f0:5a:4e:c9:b6:ed:f5:
                    ac:e1:57:18:2d:a0:6f:81:74:96:01:94:4f:79:b1:
                    bf:3d:98:86:36:27:3c:4b:8e:6a:09:86:aa:53:0c:
                    36:0f:13:49:74:46:eb:a4:4d:2c:7b:b4:ef:4d:bc:
                    26:69:b6:f4:c8:99:90:0c:81:c6:91:3e:cf:5e:e2:
                    61:5f:fe:6b:05:10:de:a4:fa:7f:41:5c:ea:64:67:
                    e0:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                09:CA:C9:75:50:30:FD:DD:FA:9D:38:AD:66:89:8A:A8:90:76:12:94
            X509v3 Authority Key Identifier: 
                keyid:09:CA:C9:75:50:30:FD:DD:FA:9D:38:AD:66:89:8A:A8:90:76:12:94

            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
         97:1e:9e:34:22:2c:ed:12:91:62:dc:74:49:17:cc:51:08:5c:
         b0:7c:6b:63:83:fb:67:2a:97:d5:70:3a:50:dd:52:85:96:8b:
         55:16:b8:30:fa:d4:40:42:76:49:43:61:8b:04:0d:99:1d:fc:
         05:d5:2d:19:b5:49:50:17:6f:df:0c:2a:61:61:56:e9:37:f2:
         32:a0:c4:f2:4e:6a:b6:e4:11:1c:ad:37:19:0f:a7:0a:20:a7:
         50:1e:bb:e4:09:a2:a0:34:70:66:4b:34:11:1a:58:ef:64:2b:
         40:3a:2e:f3:85:d5:bb:43:b1:3a:0e:d3:79:ab:15:02:00:f8:
         46:9a:c4:6b:58:d7:44:da:d2:5a:d1:bc:3b:c2:d8:77:c1:31:
         27:14:4d:c5:1f:c1:3f:03:f0:c3:2c:dd:01:e4:2f:a8:4c:f4:
         d1:17:79:7a:e5:0d:e9:6e:37:48:83:d9:de:72:71:b7:53:9a:
         0b:d0:7f:40:4f:76:bf:19:4c:c9:63:df:d0:28:fe:34:d2:c0:
         4c:f9:6d:a2:f6:d0:05:32:2a:88:9e:ec:f6:69:c3:c5:8f:d3:
         9e:43:d4:bb:fb:5c:57:20:dd:5d:3b:0d:9e:c4:d1:0a:cf:2b:
         5d:81:fd:cb:39:41:c5:11:a0:24:ec:90:0f:c8:cc:0c:96:a1:
         1a:c1:42:e9

# zsnmwy @ zsnmwys in ~/code/go/src/github.com/zsnmwy/crane/crane on git:345-crane-agent-pod-crashing-with-kind-k8s-124 o [21:36:14] 
$ cat deploy/keys/tls.crt | openssl x509 -text -noout
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:ac:e2:ed:a8:6e:99:b7:3a:ee:66:16:e5:53:25:a5:9e:5b:bb:6d
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN = crane
        Validity
            Not Before: Jun  6 13:19:06 2022 GMT
            Not After : Jun  3 13:19:06 2032 GMT
        Subject: CN = craned.crane-system.svc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:2c:ee:f1:2b:09:76:31:13:51:3d:23:db:11:
                    5b:7a:48:4a:26:48:0f:c5:5f:8c:85:b8:ae:90:e5:
                    99:3f:12:6b:c2:0a:ed:c3:14:64:c5:d1:81:0d:3a:
                    f8:62:3b:6b:f6:99:cb:30:8b:6a:02:9c:1b:99:2c:
                    4f:2a:a9:18:a1:0a:e6:a9:15:4e:67:ba:5b:78:8d:
                    72:2c:86:f6:73:17:e6:52:7c:df:2b:df:89:a9:0f:
                    fc:41:18:7c:db:f7:b6:37:d4:9a:3a:0d:77:91:d4:
                    51:1b:94:70:d8:59:a9:6c:91:9c:4e:12:d2:13:27:
                    e8:e1:71:04:cd:7d:25:df:db:ca:af:bb:14:47:e0:
                    6a:a7:4f:1d:e5:d6:2c:74:d7:0c:88:96:c0:24:90:
                    15:2e:a9:e8:8b:c6:d7:e2:ba:5f:a7:f5:a3:c4:c0:
                    12:fa:e6:d7:22:76:59:33:d4:b0:bf:df:48:2e:ae:
                    37:eb:c9:ab:50:9a:95:53:f8:11:11:a2:96:e3:e8:
                    6d:9f:17:d5:ed:6f:76:0b:01:39:c4:bb:a0:cc:31:
                    cd:15:b9:64:3a:38:8b:78:1f:74:fa:44:32:28:f2:
                    48:74:98:01:ee:9e:ca:18:39:d2:dc:9b:0f:a1:0c:
                    93:29:73:c4:17:6f:aa:cb:06:e9:d7:dc:42:c6:8b:
                    27:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Key Usage: 
                Digital Signature, Non Repudiation, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Client Authentication, TLS Web Server Authentication
            X509v3 Subject Alternative Name: 
                DNS:craned.crane-system.svc, DNS:craned.crane-system.svc.cluster.local
    Signature Algorithm: sha256WithRSAEncryption
         54:90:8c:e6:3a:00:54:00:d7:79:9a:8d:08:3c:bb:55:68:c4:
         9f:d7:b2:b3:01:d2:89:5d:c9:4b:9d:dc:7f:d1:90:f3:37:54:
         a4:0e:18:3c:26:7b:f1:3a:4e:6b:ee:0b:2c:d7:47:33:c6:3a:
         ec:69:38:18:69:c2:23:d3:65:3c:5d:89:ce:13:23:b6:a4:c8:
         c3:12:9b:5c:44:0c:eb:76:6e:e9:a1:bc:ae:0b:f6:69:48:e9:
         59:2a:c9:02:9f:44:63:5c:87:74:92:b6:62:fe:80:54:e9:94:
         ad:1e:a7:d2:92:05:5c:a6:6f:f9:f1:4e:3f:2c:09:23:51:cb:
         57:38:22:0f:7f:bb:de:26:c7:e0:63:2f:69:ca:d9:07:08:e5:
         96:6a:71:56:62:1e:d6:0e:68:da:32:07:98:96:67:33:5f:56:
         d0:62:a9:ce:e4:2d:14:89:56:1e:59:3e:d3:1b:da:60:74:ec:
         cb:aa:fc:af:c6:f5:19:f9:1b:23:ad:b0:4a:1d:51:94:e4:5e:
         23:d6:ab:54:77:88:00:6c:2b:a5:93:e1:3f:42:ea:c8:d1:c5:
         60:9c:da:38:68:56:cf:a9:27:7a:a8:b0:8d:3e:d4:32:ac:b3:
         77:84:ea:90:fb:99:19:f1:9e:67:d7:cc:f9:24:16:1b:9e:ab:
         c5:30:e9:3f

What this PR does / why we need it:

Which issue(s) this PR fixes:

Fixes #345

Special notes for your reviewer:

@zsnmwy zsnmwy requested a review from qmhu June 6, 2022 13:32
@zsnmwy zsnmwy mentioned this pull request Jun 27, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@qmhu qmhu Awaiting requested review from qmhu

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
security
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

crane-agent pod crashing with kind k8s 1.24
1 participant
@zsnmwy