Introduction to the CTE Signing Tool
CTE for Kubernetes uses standard signature sets to test if a pod in the cluster has permission to use a CTE for Kubernetes Storage Group policy. Currently, CTE for Kubernetes is unable to pass signature sets to CipherTrust Manager like CipherTrust Transparent Encryption can. To alleviate this problem, Thales has created a utility that can populate CipherTrust Manager with signatures from other containers.
Specifically, the utility:
- Calculates a list of binary paths.
- Includes the URL and tag of a container from which to get the image.
- Collects CipherTrust Manager authentication credentials.
- Downloads the container image and collects signatures from it.
- Calculates the SHA256 sum of all of the binary paths requested.
- Requests authentication with CipherTrust Manager.
- Pushes signatures collected from other containers to CipherTrust Manager.
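The collection and hashing steps in this list can be illustrated with a short sketch. This is an added example, not the Thales utility or its code: the in-memory image layer, the paths and the function names are constructed for illustration, following symlinks to their target is this example's own choice, and nothing here contacts CipherTrust Manager.

```python
import hashlib
import io
import posixpath
import tarfile

SAMPLE_BINARY = b"\x7fELF constructed-sample-binary"  # constructed sample content


def build_sample_layer() -> bytes:
    """Constructed sample: a tiny image layer with one binary and one symlink."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        info = tarfile.TarInfo("usr/bin/busybox")
        info.size = len(SAMPLE_BINARY)
        info.mode = 0o755
        tar.addfile(info, io.BytesIO(SAMPLE_BINARY))
        link = tarfile.TarInfo("bin/sh")
        link.type = tarfile.SYMTYPE
        link.linkname = "../usr/bin/busybox"
        tar.addfile(link)
    return buf.getvalue()


def collect_signatures(layer: bytes, binary_paths, max_links: int = 8) -> dict:
    """Map each requested path to its SHA-256 hex digest, or None if unresolved."""
    result = {}
    with tarfile.open(fileobj=io.BytesIO(layer)) as tar:
        members = {posixpath.normpath(m.name): m for m in tar.getmembers()}
        for path in binary_paths:
            name = posixpath.normpath(path.lstrip("/"))
            member = members.get(name)
            # Follow symlinks inside the layer, with a hop limit against loops.
            for _ in range(max_links):
                if member is None or not member.issym():
                    break
                target = posixpath.join(posixpath.dirname(name), member.linkname)
                name = posixpath.normpath(target.lstrip("/"))
                member = members.get(name)
            if member is None or not member.isfile():
                result[path] = None  # missing, escaping the layer, or not a file
                continue
            digest = hashlib.sha256()
            with tar.extractfile(member) as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            result[path] = digest.hexdigest()
    return result
```

A path that maps to None is worth reviewing before any signature set is built, since a binary that was never hashed cannot be matched by the policy.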
Obtaining the Tool
This tool is available from the Thales Support Portal. Search for CipherTrust Transparent Encryption for Kubernetes. The file will be a tar file. Decompress it with tar -xf.