Open gitreich opened 1 month ago
Solved for Signer: Changed File: charts/values.yaml
# Ingress (Optional)
# Optional: if 'host' is set, a publicly accessible Ingress controller is created with an SSL cert (using letsencrypt)
ingress:
# host: "full.qualified.server.name"
# cert_email: "email@example.com"
tls:
- hosts:
- "full.qualified.server.name"
secretName: "my-tls"
# Optional: Uncomment to use your own cluster-issuer instead of default ACME https validation
custom_cluster_issuer: "my-ca-issuer"
Also added cluster issuer like this:
microk8s kubectl apply -n cert-manager -f - <<EOF
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: my-ca-issuer
spec:
ca:
secretName: my-tls
EOF
returned: clusterissuer.cert-manager.io/my-ca-issuer configured
But on Port 80 I still have no valid Certificate
Now I have a valid Certificate for Ingress for the Frontend. Basically I changed in charts/templates/ingress.yaml 2 lines: I added at annotations of ingress-main: nginx.ingress.kubernetes.io/default-ssl-certificate: my-tls and in the spec section the secretName: secretName: my-tls
But the Auth-Signer is still in the endless dieing loop - Maybe someone can provide a little help for the config of auth-signer?
At least I can crawl and replay now with ssl certificate and in all browsers!
What change would you like to see?
I would like to use my own SSL Certificate for the btrix deployment and not one of ACME (Lets Encrypt)
copied microk8s-hosted.yaml from charts/examples to charts/onb-config
I changed the following things in the Config:
The Secret was added before microk8s kubectl create secret tls my-tls --namespace default --key=certs/my.key --cert=certs/my.crt -o yaml
Context
Deployment on a remote host