I am deploying rancher UI on rke2 cluster, during following their documentation, they said use cert-manager to create self signed certs for rancher.
firstly, what is the name of certificate and key (self-signed certs) created by cert-manager and I believe those certs are stored as secret in namespace of cattle-system
I can see there are many secrets got created during installation of cert-manager and rancher
k get secrets -n cattle-system
NAME TYPE DATA AGE
bootstrap-secret Opaque 1 21h
cattle-webhook-ca kubernetes.io/tls 2 20h
cattle-webhook-tls kubernetes.io/tls 2 20h
git-webhook-api-service-token-29w9p kubernetes.io/service-account-token 3 21h
helm-operation-4zsn5 Opaque 3 21h
helm-operation-759ss Opaque 3 21h
helm-operation-7hxjv Opaque 3 21h
helm-operation-8nv86 Opaque 3 21h
helm-operation-cbtvb Opaque 3 21h
helm-operation-d8kgw Opaque 3 21h
helm-operation-g7fjg Opaque 3 21h
helm-operation-kmqk7 Opaque 3 20h
helm-operation-l5nn4 Opaque 3 21h
helm-operation-qk6jh Opaque 3 21h
helm-operation-s8jk6 Opaque 3 21h
helm-operation-vxnwp Opaque 3 21h
helm-operation-w96lx Opaque 3 21h
pod-impersonation-helm-op-22lwh-token kubernetes.io/service-account-token 3 21h
pod-impersonation-helm-op-52vh4-token kubernetes.io/service-account-token 3 21h
pod-impersonation-helm-op-55kp8-token kubernetes.io/service-account-token 3 21h
pod-impersonation-helm-op-9lfcb-token kubernetes.io/service-account-token 3 20h
pod-impersonation-helm-op-gvq6d-token kubernetes.io/service-account-token 3 21h
pod-impersonation-helm-op-mc8b8-token kubernetes.io/service-account-token 3 21h
pod-impersonation-helm-op-njkzz-token kubernetes.io/service-account-token 3 21h
pod-impersonation-helm-op-p7n2n-token kubernetes.io/service-account-token 3 21h
pod-impersonation-helm-op-qvwfh-token kubernetes.io/service-account-token 3 21h
pod-impersonation-helm-op-s5qp8-token kubernetes.io/service-account-token 3 21h
pod-impersonation-helm-op-s9nlv-token kubernetes.io/service-account-token 3 21h
pod-impersonation-helm-op-wk7bp-token kubernetes.io/service-account-token 3 21h
pod-impersonation-helm-op-zrfnc-token kubernetes.io/service-account-token 3 21h
rancher-token-c8ggm kubernetes.io/service-account-token 3 21h
serving-cert kubernetes.io/tls 2 21h
sh.helm.release.v1.rancher-webhook.v1 helm.sh/release.v1 1 20h
sh.helm.release.v1.rancher.v1 helm.sh/release.v1 1 21h
tls-rancher kubernetes.io/tls 2 21h
tls-rancher-internal kubernetes.io/tls 2 21h
tls-rancher-internal-ca kubernetes.io/t
which ones for rancher to use.
Secondly, do I need to create TLS secret (tls-rancher-ingress) containing the tls.crt and tls.key?
if yes which certificates to use to create tls secret called tls-rancher-ingress.
Please advise
Thank you