Skip to content

Instantly share code, notes, and snippets.

@ericsyh

ericsyh/istio-gateway-certs.yaml

Created March 30, 2022 01:36
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ericsyh/bb524fdb386547b09d81c0bacce7e82f to your computer and use it in GitHub Desktop.
Save ericsyh/bb524fdb386547b09d81c0bacce7e82f to your computer and use it in GitHub Desktop.
Download ZIP
Raw
istio-gateway-certs.yaml
apiVersion: v1
kind: Namespace
metadata:
name: istio-system
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: selfsigned-issuer
spec:
selfSigned: {}
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: my-selfsigned-ca
namespace: istio-system
spec:
isCA: true
commonName: my-selfsigned-ca
secretName: root-secret
privateKey:
algorithm: ECDSA
size: 256
issuerRef:
name: selfsigned-issuer
kind: ClusterIssuer
group: cert-manager.io
---
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: my-ca-issuer
namespace: istio-system
spec:
ca:
secretName: root-secret
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: my-selfsigned-cert
namespace: istio-system
spec:
commonName: my-selfsigned-cert
dnsNames:
- '*.example.com'
duration: 2160h0m0s
issuerRef:
name: selfsigned-issuer
kind: ClusterIssuer
group: cert-manager.io
privateKey:
algorithm: RSA
encoding: PKCS8
size: 4096
renewBefore: 360h0m0s
secretName: tls-secret
subject:
organizations:
- pulsar
usages:
- server auth
- client auth
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment