Skip to content

Instantly share code, notes, and snippets.

@swagfin

swagfin/install-lets-encrypt-cert-microk8s.md

Last active July 8, 2024 15:15
Show Gist options
  • Save swagfin/8f497de85217ce0b7f206fce88640926 to your computer and use it in GitHub Desktop.
Save swagfin/8f497de85217ce0b7f206fce88640926 to your computer and use it in GitHub Desktop.
Download ZIP
Installing Lets Encrypt Certificate on Kubernetes (Microk8s Cluster)
Raw
install-lets-encrypt-cert-microk8s.md

Install Let's Encrypt SSL Certificate on Kubernetes Cluster (Microk8s)

Install Cert Manager

sudo microk8s kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.15.1/cert-manager.yaml

Create a Cluster Certiticate Issuer

apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt
spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    email: your.email@gmail.com
    privateKeySecretRef:
       name: letsencrypt-key-1
    solvers:
    - http01:
        ingress:
          class: public

Modify your Ingress annotation and tls specification

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress-routes
  annotations:
    cert-manager.io/cluster-issuer: "letsencrypt"
spec:
  tls:
  - hosts:
#change to your domain
    - your.domain.com
    secretName: tls-secret
  rules:
#change to your domain
  - host: your.domain.com
    http:
      paths:
        - path: /
        pathType: Prefix
        backend:
          service:
            name: webserver-svc
            port:
              number: 80
@swagfin
Copy link
Author

swagfin commented May 27, 2023

This will redirect http traffic to https. To Disable redirection, and support both mixed http and https add this to the service's annotation

nginx.ingress.kubernetes.io/ssl-redirect: "false"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment