How to use Let's Encrypt on master / apiserver


I’m currently trying to make my RKE cluster available via “Authorized Endpoints” to directly auth / access it.

Now I’d be interested to have this endpoint available via a custom hostname and a let’s encrypt certificate… I already tried to create an ingress with cert manager issuing the certificate pointing to the “kubernetes” service, that unfortunately just results in an empty 400…

Am I missing something conceptual here? Is it possible to achieve what i want?

Thanks in advance, and biig probs to the rancher developers, very sweet tool.


Yes, you can achieve that. The custom hostname can be the FQDN of your load balancer. Vincent talks about the authorized endpoint and certificates here Authorized cluster endpoint setup?