I was able to figure this out finally after many tries. I created a csr using the site Kubernetes.io since we can use this during the exam.
openssl genrsa -out akshay.key 2048
openssl req -new -key akshay.key -out akshay.csr
converted the key to base64
cat akshay.csr | base 64
I used this command but it was messy with replacing text. Is there an easier way.
cat <<EOF | kubectl apply -f -
apiVersion: certificates.k8s.io/v1
kind: CertificateSigningRequest
metadata:
name: akshay
spec:
groups:
- system:authenticated
request: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQ1ZqQ0NBVDRDQVFBd0VURVBNQTBHQTFVRUF3d0dZV3R6YUdGNU1JSUJJakFOQmdrcWhraUc5dzBCQVFFRgpBQU9DQVE4QU1JSUJDZ0tDQVFFQXdlZDJSYzFVUGFlT0d4L2JOL0hLSmZFSkFDODh1VTl0Q0xaV09udTJOZmlXCk9GdXBNYnhNeGU1aFg4NldzbnVjU2lwcU5lNnNYMDB4blBVVTcvM0NwNGtPNXFmRHBYenNxSEYxNnduM0t5Uk0KK05YcHJwSHlyNDRiUzFaNEIyMkhZempnamJtaXlpVHBxamtBaVZoY3J0cHpxSjlFbTRacnJZTVYxaE5FRCtVRQpOTmV2eDc0Qi83U3JCaGU3QTBQVVQwZGN3UjNxNHFjUldaS1U2V2NhTzhid3l6eElud2VMbmlRM2RDbDNGVVdtCkNKbmNmbkJVRk9RMEhEQXVMUWJQWlkrWWMrVVB4VUxiMVg3MStKWE4xQXdaVnBOeVdQZS9ISkswWVdGb3BiaDgKSDJxNzZyS3lUL29neVpDRWs0b0lnaEpSZGRiakhCUEZSVHZuMjlQcld3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVMQlFBRGdnRUJBSk1CYU5RWVV0V0pIMFBrZlFudUNmeFdlMHd4MitQdzJhZVU5MzJPVzlVTVV4V1RyVUw2CnY0UVZPRS8xT3RXeVJhQ2wvdVB1cmZUWWQ4M2ZZYVlmTjlUUXRUSlJ4azBEL3FtT1lSTGVZL0ZnNFhEbitpMmkKcXM0L1A4SXNxZW4yTnM4T1puRWFhZzcySWtiam9VazJOZGxKMUFsZTlSSFFtVElBTUJ5dTZraWN2cllqQlovdwpva3ZHTjV3TExkNks3K1EzN0YxRDRFRWlZVFMySllCSVZVbVVqUjUzOWQwQ3pDSXRzd25ldStxNXZ2MWMyeGRZCit6UjlLYk8rbFBrb2dsTmtuc0t0K1BBZDdwVXpCa0dybDBRblBFOHQ3SUJoOGozWlhBU2tBdEt4OWl6cXJqK1AKY3ZXblUwUVVidTFxRFBBODM4anRrN3pDQTIxMWorYmJsdWM9Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=
signerName: kubernetes.io/kube-apiserver-client
usages:
- client auth
EOF