Difference between revisions of "Kind: ClusterIssuer"
Jump to navigation
Jump to search
| (9 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
{{lc}} | {{lc}} | ||
| + | * https://stackoverflow.com/questions/62737424/how-to-to-enable-https-on-eks-using-nginx-ingress-and-cert-manager-with-route53 | ||
| + | |||
| + | kubectl apply -f [[ClusterIssuer.yaml]] | ||
| + | clusterissuer.cert-manager.io/letsencrypt-prod created | ||
| + | |||
| + | apiVersion: cert-manager.io/v1 | ||
| + | kind: ClusterIssuer | ||
| + | metadata: | ||
| + | name: letsencrypt-prod | ||
| + | namespace: cert-manager | ||
| + | spec: | ||
| + | acme: | ||
| + | server: https://acme-v02.api.letsencrypt.org/directory | ||
| + | email: MYEMAIL | ||
| + | privateKeySecretRef: | ||
| + | name: letsencrypt-prod | ||
| + | solvers: | ||
| + | - http01: | ||
| + | ingress: | ||
| + | class: nginx | ||
| + | |||
| + | |||
| − | + | apiVersion: cert-manager.io/v1alpha2 | |
| − | + | kind: ClusterIssuer | |
| − | + | metadata: | |
| − | apiVersion: cert-manager.io/ | + | name: letsencrypt-prod |
| − | kind: ClusterIssuer | + | namespace: cert-manager |
| − | metadata: | + | spec: |
| − | name: letsencrypt- | ||
| − | spec: | ||
acme: | acme: | ||
| − | server: https://acme | + | server: https://acme-v02.api.letsencrypt.org/directory |
| − | email: | + | email: MYEMAIL |
privateKeySecretRef: | privateKeySecretRef: | ||
| − | name: letsencrypt- | + | name: letsencrypt-prod |
solvers: | solvers: | ||
| − | - | + | - http01: |
| − | + | ingress: | |
| − | + | class: nginx | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| + | https://cert-manager.io/docs/tutorials/getting-started-aks-letsencrypt/ | ||
| + | # clusterissuer-lets-encrypt-staging.yaml | ||
| + | apiVersion: [[cert-manager.io]]/v1 | ||
| + | kind: ClusterIssuer | ||
| + | metadata: | ||
| + | name: letsencrypt-staging | ||
| + | spec: | ||
| + | [[acme]]: | ||
| + | server: https://acme-staging-v02.api.letsencrypt.org/directory | ||
| + | email: $EMAIL_ADDRESS | ||
| + | privateKeySecretRef: | ||
| + | name: letsencrypt-staging | ||
| + | solvers: | ||
| + | - dns01: | ||
| + | azureDNS: | ||
| + | resourceGroupName: $AZURE_DEFAULTS_GROUP | ||
| + | subscriptionID: $AZURE_SUBSCRIPTION_ID | ||
| + | hostedZoneName: $DOMAIN_NAME | ||
| + | environment: AzurePublicCloud | ||
| + | managedIdentity: | ||
| + | clientID: $USER_ASSIGNED_IDENTITY_CLIENT_ID | ||
| + | == Related == | ||
| + | * <code>[[kind: Issuer]]</code> | ||
| + | == See also == | ||
| + | * {{kind: Certificate}} | ||
| + | * {{cert-manager.io}} | ||
| − | + | [[Category:Cert-manager]] | |
Latest revision as of 10:55, 14 February 2024
kubectl apply -f ClusterIssuer.yaml clusterissuer.cert-manager.io/letsencrypt-prod created apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: letsencrypt-prod namespace: cert-manager spec: acme: server: https://acme-v02.api.letsencrypt.org/directory email: MYEMAIL privateKeySecretRef: name: letsencrypt-prod solvers: - http01: ingress: class: nginx
apiVersion: cert-manager.io/v1alpha2 kind: ClusterIssuer metadata: name: letsencrypt-prod namespace: cert-manager spec: acme: server: https://acme-v02.api.letsencrypt.org/directory email: MYEMAIL privateKeySecretRef: name: letsencrypt-prod solvers: - http01: ingress: class: nginx
https://cert-manager.io/docs/tutorials/getting-started-aks-letsencrypt/
# clusterissuer-lets-encrypt-staging.yaml apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: letsencrypt-staging spec: acme: server: https://acme-staging-v02.api.letsencrypt.org/directory email: $EMAIL_ADDRESS privateKeySecretRef: name: letsencrypt-staging solvers: - dns01: azureDNS: resourceGroupName: $AZURE_DEFAULTS_GROUP subscriptionID: $AZURE_SUBSCRIPTION_ID hostedZoneName: $DOMAIN_NAME environment: AzurePublicCloud managedIdentity: clientID: $USER_ASSIGNED_IDENTITY_CLIENT_ID
Related[edit]
See also[edit]
Advertising:
