Cert Manager

Cert Manager
Tags:

Azure Kubernetes and cert Manager

Implement SSL using Lets Encrypt

Install Cert Manager

  • Add the Jetstack Helm repository
helm repo add jetstack https://charts.jetstack.io
  • Update your local Helm chart repository cache
helm repo update
  • Install the cert-manager Helm chart
helm upgrade cert-manager jetstack/cert-manager \
    --install \
    --create-namespace \
    --wait \
    --namespace cert-manager \
    --set installCRDs=true
  • Verify Cert Manager pods
kubectl -n cert-manager get all
  • Below Api will be available
    • Certificate
    • CertificateRequest
    • Issuer
  • Create a ClusterIssuer and a Certificate
apiVersion: cert-manager.io/v1alpha2
kind: ClusterIssuer
metadata:
  name: letsencrypt
spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    email: <Povide your email>
    privateKeySecretRef:
      name: letsencrypt
    solvers:
      - http01:
          ingress:
            class: nginx
  • Create ingress rules as below
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: name-tomcat
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-production
    nginx.ingress.kubernetes.io/rewrite-target: /$1
    nginx.ingress.kubernetes.io/use-regex: "true"
spec:
  ingressClassName: nginx
  tls:
  - hosts:
    - old.serverwebpage.com
    secretName: tls-secret 
  rules:
   - host: old.serverwebpage.com
     http:
       paths:
        - pathType: Prefix
          path: "/"
          backend:
            service:
              name: old
              port:
               number: 80
  • Check if new certificate is in ready state
Kubectl get certificate
  • Test your app now