Measures

The following flags should be set in the ETCD yaml:

--clint-cert-auth=true

--peer-client-cert-auth=true

--peer-key-file=<path to peerkey>/peer.key

--peer-cert-file=<path to peercert>/peer.crt

--key-file=<path to serverkey>/server.key

--cert-file=<path to servercert>/server.crt

--trusted-ca-file=<path to cacert>/ca.crt

Like in the API-SERVER yaml:

--etcd-cafile=<path from the --trusted-ca-file and --peer-trusted-ca-file in the ETCD yaml>.

--etcd-keyfile=<path to apikey>/apiserver-etcd-client.key

--etcd-certfile=<path to apicert>/apiserver-etcd-client.crt