mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
21 lines
970 B
Plaintext
21 lines
970 B
Plaintext
:_mod-docs-content-type: ASSEMBLY
|
|
[id="api-server-certificates"]
|
|
= Adding API server certificates
|
|
include::_attributes/common-attributes.adoc[]
|
|
:context: api-server-certificates
|
|
|
|
toc::[]
|
|
|
|
The default API server certificate is issued by an internal {product-title}
|
|
cluster CA. Clients outside of the cluster will not be able to verify the
|
|
API server's certificate by default. This certificate can be replaced
|
|
by one that is issued by a CA that clients trust.
|
|
|
|
[NOTE]
|
|
====
|
|
In hosted control plane clusters, you can add as many custom certificates to your Kubernetes API Server as you need. However, do not add a certificate for the endpoint that worker nodes use to communicate with the control plane.
|
|
|
|
// For more information, see xref:../../hosted_control_planes/hcp-deploy/hcp-deploy-bm.adoc#hcp-custom-cert_hcp-deploy-bm[Configuring a custom API server certificate in a hosted cluster].
|
|
====
|
|
|
|
include::modules/customize-certificates-api-add-named.adoc[leveloffset=+1] |