DEV Community

Choonho Son
Choonho Son

Posted on • Edited on

Install cert-manager & Let's encrypt

Certification is one of critical security feature.

In Kubernetes, cert-manager is key role for certification management.

For cert-manager, there are only two steps.

  1. Install cert-manager by helm chart
  2. Configure Issuer

Installation 

helm repo add jetstack https://charts.jetstack.io --force-update

helm repo update

kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.5/cert-manager.crds.yaml

helm install \
  cert-manager jetstack/cert-manager \
  --namespace cert-manager \
  --create-namespace \
  --version v1.14.5
Enter fullscreen mode Exit fullscreen mode

Install Let's Encrypt Issuer

  • kind ClusterIssuer is global scope API, so you don't need any namespace.

File: clusterissuer.yaml

apiVersion: cert-manager.io/v1
kind: ClusterIssuer # I'm using ClusterIssuer here
metadata:
  name: letsencrypt-prod
spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    email: <your-email-address>
    privateKeySecretRef:
      name: letsencrypt-prod
    solvers:
    - http01:
        ingress:
          class: nginx
Enter fullscreen mode Exit fullscreen mode

Apply cluster issuer

kubectl apply -f clusterissuer.yaml
Enter fullscreen mode Exit fullscreen mode

Reference

https://cert-manager.io/docs/installation/helm/

Top comments (0)

Read next

mathsena profile image

When to Use Kafka or RabbitMQ: Choosing Between Stream Processing and Message Queues

Matheus Sena -

catundanatalia profile image

We are simplifying (literals(arrays and objects)) in Js.

Natália Catunda -

khalid7487 profile image

Multipart from data send to backend as json file using axios.

Md. Khalid Hossen -

fabianoflorentino profile image

A interface Write

Fabiano Santos Florentino -