We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent 35f54a7 commit 8d1781eCopy full SHA for 8d1781e
src/KubernetesClient/CertUtils.cs
@@ -74,7 +74,13 @@ public static X509Certificate2 GeneratePfx(KubernetesClientConfiguration config)
74
}
75
76
var cert = new X509CertificateParser().ReadCertificate(new MemoryStream(certData));
77
-
+ // key usage is a bit string, zero-th bit is 'digitalSignature'
78
+ // See https://www.alvestrand.no/objectid/2.5.29.15.html for more details.
79
+ if (!cert.GetKeyUsage()[0]) {
80
+ throw new Exception(
81
+ "Client certificates must be marked for digital signing. " +
82
+ "See https://github.com/kubernetes-client/csharp/issues/319");
83
+ }
84
object obj;
85
using (var reader = new StreamReader(new MemoryStream(keyData)))
86
{
0 commit comments