From 71561ecda2ca7eab3220bf788ba7f0be5cf9844a Mon Sep 17 00:00:00 2001 From: Brad Davidson Date: Wed, 6 May 2020 16:51:35 -0700 Subject: [PATCH] Use ClientCA for the signer controller --- pkg/daemons/control/server.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/daemons/control/server.go b/pkg/daemons/control/server.go index bd1b743f88..63f08c9b8b 100644 --- a/pkg/daemons/control/server.go +++ b/pkg/daemons/control/server.go @@ -131,8 +131,8 @@ func controllerManager(cfg *config.Control, runtime *config.ControlRuntime) erro "bind-address": localhostIP.String(), "secure-port": "0", "use-service-account-credentials": "true", - "cluster-signing-cert-file": runtime.ServerCA, - "cluster-signing-key-file": runtime.ServerCAKey, + "cluster-signing-cert-file": runtime.ClientCA, + "cluster-signing-key-file": runtime.ClientCAKey, } if cfg.NoLeaderElect { argsMap["leader-elect"] = "false"