15 lines
577 B
Diff
15 lines
577 B
Diff
diff --git a/cert/verification.go b/cert/verification.go
|
|
index 39f255c..97fa613 100644
|
|
--- a/cert/verification.go
|
|
+++ b/cert/verification.go
|
|
@@ -10,6 +10,9 @@ import (
|
|
|
|
// CertificateMatchesHostname checks if the Certificates hosts are the same as the given hosts
|
|
func CertificateMatchesHostname(hosts []string, cert *x509.Certificate) bool {
|
|
+ // kubernetes system certs (i.e. CN=system:kube-proxy)
|
|
+ if len(hosts) == 1 && len(cert.DNSNames)+len(cert.IPAddresses) == 0 { return true }
|
|
+
|
|
a := make([]string, len(hosts))
|
|
for idx := range hosts {
|
|
// normalize the IPs.
|