How to handle Let's Encrypt certificate renew when Rancher is using it


#1

Hi,

How to handle correctly Let’s Encrypt certificate renew in Rancher?

We ran a problem when our certificate issued by Let’s Encrypt used to make Rancher secure expires. The kubernetes nodes, Rancher created cluster, start to complain about the expired certificate and we need to do the steps below:
1 - Issue a new certificate for our domain
2 - Update certificate information on Rancher, standalone install
3 - Update the ca-checksum on the the deployment and daemonsets
4 - restart all pods to get the new certificate

Are there an easier way to do that?
Are some correct way to do that? Is something different than the steps above?
How to automate these steps?

Tks


Expired Certificate and Dropped Passwords?