Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 4 Current »

Option 1 - Using GV-Essentials chart (recommended)

You can configure a custom TLS certificates during gv-essentials chart installation.

Go to TLS Certificate tab, click on Use Custom TLS Certificate and paste in the content of the certificate and private key in PEM format:

Use Self-signed Certificate

If you don’t want to import a custom certificate leave Use Custom TLS Certificate disabled, a self-signed certificate will then be auto generated instead.

Option 2 - Using kubectl (manual method)

  1. Have your private key and certificate in the PEM format (e.g. openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out certificate.pem) and create a file called custom_cert.yaml anywhere inside the cluster with the following content:

    apiVersion: v1
kind: Secret
metadata:
  name: custom-default-cert
  namespace: kube-system
type: kubernetes.io/tls
data:
  tls.crt: $CERTIFICATE_BASE64
  tls.key: $PRIVATE_KEY_BASE64
---
apiVersion: traefik.containo.us/v1alpha1
kind: TLSStore
metadata:
  name: default
  namespace: kube-system
spec:
  defaultCertificate:
    secretName: custom-default-cert

    1. Replace $CERTIFICATE_BASE64 with the base64 encoded content of your certificate (e.g. cat certificate.pem | base64)

    2. Replace $PRIVATE_KEY_BASE64 with the base64 encoded content of your private key (e.g. cat key.pem | base64)

  2. Run kubectl apply -f custom_cert.yaml

Sources:

  • No labels

Classified as Getvisibility - Partner/Customer Confidential