openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
enterprise-4.21
openshift-docs/modules/nw-ovn-ipsec-certificates.adoc
JoeAldinger 63ac7684fb OSDOCS-10112:nwt security restructring
2024-04-25 18:36:48 +00:00

12 lines
609 B
Plaintext
Raw Permalink Blame History

// Module included in the following assemblies:
//
// * networking/openshift_network_security/configuring-ipsec-ovn.adoc
:_mod-docs-content-type: CONCEPT
[id="nw-ovn-ipsec-certificates_{context}"]
= Security certificate generation and rotation
The Cluster Network Operator (CNO) generates a self-signed X.509 certificate authority (CA) that is used by IPsec for encryption. Certificate signing requests (CSRs) from each node are automatically fulfilled by the CNO.
The CA is valid for 10 years. The individual node certificates are valid for 5 years and are automatically rotated after 4 1/2 years elapse.
View Git Blame Copy Permalink