I deployed the application in the cluster and want to enable the ssl certificate Lets encrypt for it. What tools and procedures do you have in Rancher for this? Thank you!
Hi @111
There are a few different ways to configure SSL certificate to your applications, you can try the following one to have your urls certified.
First, configure Cert Manager in your environment, you can configure it following the procedure specified in their webpage: https://cert-manager.io/docs/installation/kubernetes/
Second, configure a ClusterIssuer as the example below:
apiVersion: cert-manager.io/v1alpha2
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
spec:
acme:
email: <your-email@mail.com>
server: https://acme-staging-v02.api.letsencrypt.org/directory
#For Staging https://acme-staging-v02.api.letsencrypt.org/directory
#For Production: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef:
name: account-private-key
solvers:
- selector: {}
http01:
ingress:
class: nginx
And finally configure you Ingress to use the cluster-issuer as the following example:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: node
annotations:
kubernetes.io/ingress.class: "nginx"
cert-manager.io/cluster-issuer: "letsencrypt-prod"
kubernetes.io/tls-acme: "true"
spec:
tls:
- hosts:
- webpage.example.com
secretName: ingress-cert
rules:
- host: webpage.example.com
http:
paths:
- path: /
backend:
serviceName: node
servicePort: 80
I hope it helps you somehow
ClusterIssuer is which section in the rancher? I can’t find out which section I can create this entry in.