Examples for the certificate approve|deny commands were added to kubectl via https://github.com/kubernetes/kubernetes/pull/103524. However, in the latest 4.9 oc, the examples still use kubectl instead of oc adm. Also, the long description references kubectl still as well, though I think this was a problem in previous releases as well. ---------------------------------------------------------------- [ahoffer@ahoffer ~] $ oc adm certificate deny --help Deny a certificate signing request. kubectl certificate deny allows a cluster admin to deny a certificate signing request (CSR). This action tells a certificate signing controller to not to issue a certificate to the requestor. Usage: oc adm certificate deny (-f FILENAME | NAME) [flags] Examples: # Deny CSR 'csr-sqgzp' kubectl certificate deny csr-sqgzp [ahoffer@ahoffer ~] $ oc version Client Version: 4.9.0-202108170012.p0.git.681248e.assembly.stream-681248e ----------------------------------------------------------------
the issue has fixed: [root@localhost ~]# oc adm certificate deny --help Deny a certificate signing request. oc adm certificate deny allows a cluster admin to deny a certificate signing request (CSR). This action tells a certificate signing controller to not to issue a certificate to the requestor. Usage: oc adm certificate deny (-f FILENAME | NAME) [flags] Examples: # Deny CSR 'csr-sqgzp' oc adm certificate deny csr-sqgzp [root@localhost ~]# oc version --client Client Version: 4.9.0-202108192235.p0.git.5622598.assembly.stream-5622598
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:3759