Open lahabana opened 4 months ago
With https://github.com/kumahq/kuma/pull/9342 it becomes easy to use cert-manager for cp certs.
It would be nice to have a guide for it:
cert manager stuff used:
apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: selfsigned-issuer spec: selfSigned: {} --- apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: kuma-selfsigned-ca namespace: kuma-system spec: isCA: true commonName: kuma-selfsigned-ca secretName: root-secret privateKey: algorithm: ECDSA size: 256 issuerRef: name: selfsigned-issuer kind: ClusterIssuer group: cert-manager.io --- apiVersion: cert-manager.io/v1 kind: Issuer metadata: name: kuma-issuer namespace: kuma-system spec: ca: secretName: root-secret --- apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: control-plane-cert namespace: kuma-system spec: secretName: control-plane-cert duration: 2160h # 90d renewBefore: 360h # 15d isCA: false privateKey: algorithm: RSA encoding: PKCS1 size: 2048 usages: - server auth dnsNames: - kuma-control-plane.kuma-system.svc - kuma-control-plane - kuma-control-plane.kuma-system - kuma-control-plane.kuma-system.svc.local issuerRef: name: kuma-issuer kind: Issuer
values:
controlPlane: tls: general: secretName: control-plane-cert
This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.
Description
With https://github.com/kumahq/kuma/pull/9342 it becomes easy to use cert-manager for cp certs.
It would be nice to have a guide for it:
cert manager stuff used:
values: