Merge pull request opsnull#318 from xkai08/patch-1

Update A.浏览器访问kube-apiserver安全端口.md
songhui1984 · Oct 18, 2018 · af2b577 · af2b577
2 parents 15fa6ba + 66899e3
commit af2b577
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/A.浏览器访问kube-apiserver安全端口.md b/A.浏览器访问kube-apiserver安全端口.md
@@ -6,6 +6,10 @@
 这是因为 kube-apiserver 的 server 证书是我们创建的根证书 ca.pem 签名的，需要将根证书 ca.pem 导入操作系统，并设置永久信任。对于 Mac，操作如下：
 
 ![keychain](images/keychain.png)
+对于win使用以下命令导入ca.perm
+``` bash
+keytool -import -v -trustcacerts -alias appmanagement -file "PATH...\\ca.pem" -storepass password -keystore cacerts
+```
 
 再次访问 https://172.27.129.105:6443/，已信任，但提示 401，未授权的访问：
 
@@ -42,4 +46,4 @@
 ## 参考
 + https://github.com/kubernetes/kubernetes/issues/31665
 + https://www.sslshopper.com/ssl-converter.html
-+ https://stackoverflow.com/questions/40847638/how-chrome-browser-know-which-client-certificate-to-prompt-for-a-site
++ https://stackoverflow.com/questions/40847638/how-chrome-browser-know-which-client-certificate-to-prompt-for-a-site