existing certificate
import certificate
#kubectl create secret tls example-secret --key cert/xxx.key --cert cert/xxx.pem
note that the name and suffix can be changed, such as the possibility that the certificate suffix is CRT.
ingressde yaml file configuration example:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: example
spec:
tls:
- hosts:
- www.example.com
secretName: example-secret
rules:
- host: www.example.com
http:
paths:
- backend:
serviceName: example
servicePort: 80
Check
h4>
kubectl get secret
self-generated certificate
kubectl get secret
can do its own ca, generate its own certificate,. But this way your debugging can also used as a production environment, most browsers will prompt site is not safe, you can configure the browser to trust your own ca, but other users can’t all such operations, so you can go to some free certificate application website to apply for free use, although there is a life, but also is a kind of emergency plans.