Question

Error when approving certificate following Recommended steps to Secure Kubernetes cluster

I was following the guide Recommended Steps to Secure a DigitalOcean Kubernetes Cluster and at the approving step I’m receiving a not found response and an error

error: no kind "CertificateSigningRequest" 
is registered for version "certificates.k8s.io/v1" 
in scheme "k8s.io/kubernetes/pkg/kubectl/scheme/scheme.go:28"

I did create a private certificate using openssl and then a certificate signing request configuration with CN set to user, the username I want to allow access.

Then I created the certificate signing request by using api v1 as in Kubernetes Certificate Signing Requests documentation

apiVersion: certificates.k8s.io/v1
kind: CertificateSigningRequest
metadata:
  name: user
spec:
  groups:
  - system:authenticated
  request: L...=
  signerName: kubernetes.io/kube-apiserver-client
  usages:
  - client auth

I saved this file as user.yml and applied to the cluster using the kubeconfig downloaded from the admin panel.

kubectl apply -f ./user.yml

kubectl get csr

The pending CSR lists the one I added

NAME      AGE   SIGNERNAME                         REQUESTOR  CONDITION
user   62m   kubernetes.io/kube-apiserver-client   DO-email   Pending

But when I want to approve it I get back the error

kubectl certificate approve user

No resources found
error: no kind "CertificateSigningRequest" is registered for version "certificates.k8s.io/v1" in scheme "k8s.io/kubernetes/pkg/kubectl/scheme/scheme.go:28"

Any idea?


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer