high-fall-28740
07/05/2022, 11:55 PMhundreds-state-15112
07/05/2022, 11:56 PM/var/lib/rancher/k3s/server/tls
high-fall-28740
07/06/2022, 12:00 AMhundreds-state-15112
07/06/2022, 12:04 AM--service-account-key-file=/var/lib/rancher/k3s/server/tls/service.key # 1.2.28
--service-account-signing-key-file=/var/lib/rancher/k3s/server/tls/service.key
/var/lib/rancher/k3s/server/cred/
looks interesting?high-fall-28740
07/06/2022, 12:07 AMhundreds-state-15112
07/06/2022, 12:09 AMhigh-fall-28740
07/06/2022, 12:10 AMcreamy-pencil-82913
07/06/2022, 4:35 AMhigh-fall-28740
07/06/2022, 5:04 AMcreamy-pencil-82913
07/06/2022, 8:12 AMhigh-fall-28740
07/06/2022, 3:44 PMserviceaccount
public key but the web based JWKS decoder is throwing me for a loopcreamy-pencil-82913
07/06/2022, 5:19 PMkubectl get --raw /openid/v1/jwks
? There is also /.well-known/openid-configuration
The JWKS response contains public keys that a relying party can use to validate the Kubernetes service account tokens. Relying parties first query for the OpenID Provider Configuration, and use thefield in the response to find the JWKS.jwks_uri
high-fall-28740
07/06/2022, 5:48 PMcreamy-pencil-82913
07/06/2022, 6:06 PMhigh-fall-28740
07/06/2022, 8:24 PM