Difference between revisions of "Kubernetes cert-manager"
Jump to navigation
Jump to search
(28 intermediate revisions by the same user not shown) | |||
Line 2: | Line 2: | ||
* https://cert-manager.io/ | * https://cert-manager.io/ | ||
− | + | <code>[[helm repo add jetstack]] https://charts.jetstack.io && [[helm repo update]]</code> | |
− | + | <code>[[helm install cert-manager]]</code> | |
− | + | <code>[[kubectl apply -f ./certbot-issuers.yaml]]</code> | |
− | |||
− | |||
− | |||
* <code>[[kubectl get issuer]]</code> | * <code>[[kubectl get issuer]]</code> | ||
Line 13: | Line 10: | ||
* <code>[[kubectl get certificates]]</code> | * <code>[[kubectl get certificates]]</code> | ||
− | * <code>[[kubectl describe certificaterequest ]]</code> | + | * <code>[[kubectl describe certificaterequest]]</code> |
+ | * <code>[[k describe issuer -A]]</code> | ||
+ | * <code>[[k describe certificate -A]]</code> | ||
+ | |||
+ | * <code>[[kubectl describe challenge -A]]</code> | ||
+ | * <code>[[kubectl describe order -A]]</code> | ||
+ | * <code>[[k describe service]] cm-acme-http-solver-m5l52 -n grafana</code> | ||
+ | * <code>[[k describe order -A]]</code> | ||
+ | |||
+ | |||
+ | * <code>[[kubectl describe csr]],[[cert]],[[issuer]],[[cr]] -A</code> | ||
+ | * [[kubectl log]] | ||
+ | |||
+ | * <code>[[kind: Certificate]], [[kind: ClusterIssuer]]</code> | ||
+ | |||
+ | == Errors == | ||
+ | │ Warning: Helm release "cert-manager" was created but has a failed status. Use the `helm` command to investigate the error, correct it, then run Terraform again. | ||
+ | |||
+ | {{Controller.go the object has been modified}} | ||
+ | |||
+ | [[remote error: tls: unrecognized name]] | ||
== Related == | == Related == | ||
+ | * [[Issuer]] | ||
* [[Venafi]] | * [[Venafi]] | ||
* [[Jetstack]] | * [[Jetstack]] | ||
* https://artifacthub.io/packages/helm/cert-manager/cert-manager | * https://artifacthub.io/packages/helm/cert-manager/cert-manager | ||
− | |||
* API reference: https://cert-manager.io/docs/reference/api-docs/#acme.cert-manager.io/v1.ACMEChallengeSolverHTTP01IngressPodSpec | * API reference: https://cert-manager.io/docs/reference/api-docs/#acme.cert-manager.io/v1.ACMEChallengeSolverHTTP01IngressPodSpec | ||
* <code>[[kubectl get apiservices]]</code> | * <code>[[kubectl get apiservices]]</code> | ||
* [[Cert-manager CRDs]] | * [[Cert-manager CRDs]] | ||
− | |||
* <code>[[kube-root-ca.crt]]</code> | * <code>[[kube-root-ca.crt]]</code> | ||
− | |||
== See also == | == See also == | ||
+ | * {{certificates.k8s.io}} | ||
+ | * {{cert-manager.io}} | ||
* {{cert-manager}} | * {{cert-manager}} | ||
* {{K8s TLS}} | * {{K8s TLS}} | ||
− | |||
− | |||
[[Category:K8s]] | [[Category:K8s]] | ||
[[Category:CNCF]] | [[Category:CNCF]] | ||
+ | [[Category:Cert-manager]] |
Latest revision as of 12:36, 28 June 2024
wikipedia:Cert-manager X.509 certificate management for Kubernetes and OpenShift.
helm repo add jetstack https://charts.jetstack.io && helm repo update
helm install cert-manager
kubectl apply -f ./certbot-issuers.yaml
kubectl describe challenge -A
kubectl describe order -A
k describe service cm-acme-http-solver-m5l52 -n grafana
k describe order -A
Errors[edit]
│ Warning: Helm release "cert-manager" was created but has a failed status. Use the `helm` command to investigate the error, correct it, then run Terraform again.
controller.go .../... error="Operation cannot be fulfilled on certificaterequests.cert-manager.io .../... the object has been modified; please apply your changes to the latest version and try again
remote error: tls: unrecognized name
Related[edit]
- Issuer
- Venafi
- Jetstack
- https://artifacthub.io/packages/helm/cert-manager/cert-manager
- API reference: https://cert-manager.io/docs/reference/api-docs/#acme.cert-manager.io/v1.ACMEChallengeSolverHTTP01IngressPodSpec
kubectl get apiservices
- Cert-manager CRDs
kube-root-ca.crt
See also[edit]
certificates.k8s.io
cert-manager.io [ /issuer | /cluster-issuer ] [ issuer. | certificaterequests. | challenges. ] kind: Issuer, kind: ClusterIssuer
cert-manager
,cert-manager-controller, ingress-shim
,kind: Certificate, kind: ClusterIssuer, Kind: CertificateSigningRequest
, kind: Issuer,kubectl [ get | describe ] certificates
,cmctl
,kubectl get issuer, kubectl get csr, IngressShim
- Kubernetes cert-manager,
kube-root-ca.crt
Advertising: