Skip to end of banner Go to start of banner

Configure client custom SSL certificate

Skip to end of metadata

Created by Space Sync for Confluence on Dec 01, 2022

Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

Have your private key and certificate in the PEM format (e.g. openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out certificate.pem) and create a file called custom_cert.yaml anywhere inside the cluster with the following content:
```
apiVersion: v1
kind: Secret
metadata:
  name: custom-default-cert
  namespace: kube-system
type: kubernetes.io/tls
data:
  tls.crt: $CERTIFICATE_BASE64
  tls.key: $PRIVATE_KEY_BASE64
---
apiVersion: traefik.containo.us/v1alpha1
kind: TLSStore
metadata:
  name: default
  namespace: kube-system
spec:
  defaultCertificate:
    secretName: custom-default-cert
```
1. Replace $CERTIFICATE_BASE64 with the base64 encoded content of your certificate (e.g. cat certificate.pem | base64)
2. Replace $PRIVATE_KEY_BASE64 with the base64 encoded content of your private key (e.g. cat key.pem | base64)
Run kubectl apply -f custom_cert.yaml

Sources:

https://github.com/traefik/traefik-helm-chart/issues/187

No labels

Classified as Getvisibility - Partner/Customer Confidential