K8s configure HTTPS with existing certificate

existing certificate

import certificate

#kubectl create secret tls example-secret --key cert/xxx.key --cert cert/xxx.pem

note that the name and suffix can be changed, such as the possibility that the certificate suffix is CRT.

ingressde yaml file configuration example:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: example
spec:
  tls:
    - hosts:
        - www.example.com
      secretName: example-secret
  rules:
  - host: www.example.com
    http:
      paths:
      - backend:
          serviceName: example
          servicePort: 80

Check

kubectl get secret

self-generated certificate

can do its own ca, generate its own certificate,. But this way your debugging can also used as a production environment, most browsers will prompt site is not safe, you can configure the browser to trust your own ca, but other users can’t all such operations, so you can go to some free certificate application website to apply for free use, although there is a life, but also is a kind of emergency plans.


Read More: