Skip to content

Instantly share code, notes, and snippets.

@pixie79

pixie79/gist:cffae80bc9b0fee43d3f10e495995955

Created September 3, 2020 13:04
Show Gist options
  • Save pixie79/cffae80bc9b0fee43d3f10e495995955 to your computer and use it in GitHub Desktop.
Save pixie79/cffae80bc9b0fee43d3f10e495995955 to your computer and use it in GitHub Desktop.
Download ZIP
mongo-cert.yaml
Raw
gistfile1.txt
---
apiVersion: cert-manager.io/v1alpha2
kind: Certificate
metadata:
name: mongo-pod-cert
spec:
secretName: mongo-pod-cert
duration: 2160h # 90d
renewBefore: 360h # 15d
isCA: false
keySize: 2048
keyAlgorithm: rsa
keyEncoding: pkcs1
issuerRef:
name: internal-ca
kind: Issuer
usages:
- server auth
- client auth
commonName: "*.mongo.default.svc.cluster.local"
dnsNames:
- mongodb-0
- mongodb-1
- mongodb-2
- mongodb-0.mongodb-headless.default
- mongodb-1.mongodb-headless.default
- mongodb-2.mongodb-headless.default
- mongodb-0.mongodb-headless.default.svc
- mongodb-1.mongodb-headless.default.svc
- mongodb-2.mongodb-headless.default.svc
- mongodb-0.mongodb-headless.default.svc.cluster.local
- mongodb-1.mongodb-headless.default.svc.cluster.local
- mongodb-2.mongodb-headless.default.svc.cluster.local
- mongo-headless.default.svc.cluster.local
- localhost
ipAddresses:
- 127.0.0.1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment