72 lines
1.7 KiB
YAML
72 lines
1.7 KiB
YAML
apiVersion: cert-manager.io/v1
|
|
kind: ClusterIssuer
|
|
metadata:
|
|
name: selfsigned
|
|
spec:
|
|
selfSigned: {}
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: Certificate
|
|
metadata:
|
|
name: selfsigned-ca
|
|
spec:
|
|
subject:
|
|
organizations:
|
|
- undercloud
|
|
isCA: true
|
|
commonName: selfsigned-ca
|
|
secretName: root-secret
|
|
privateKey:
|
|
algorithm: ECDSA
|
|
size: 256
|
|
issuerRef:
|
|
name: selfsigned
|
|
kind: ClusterIssuer
|
|
group: cert-manager.io
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: ClusterIssuer
|
|
metadata:
|
|
name: ca
|
|
spec:
|
|
ca:
|
|
secretName: root-secret
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: ClusterIssuer
|
|
metadata:
|
|
name: letsencrypt-staging
|
|
spec:
|
|
acme:
|
|
email: thrawn235@gmail.com
|
|
server: https://acme-staging-v02.api.letsencrypt.org/directory
|
|
privateKeySecretRef:
|
|
# Secret resource that will be used to store the account's private key.
|
|
name: letsencrypt-staging
|
|
# Add a single challenge solver, HTTP01 using nginx
|
|
solvers:
|
|
- http01:
|
|
ingress:
|
|
class: nginx
|
|
serviceType: ClusterIP
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: ClusterIssuer
|
|
metadata:
|
|
name: letsencrypt
|
|
spec:
|
|
acme:
|
|
# You must replace this email address with your own.
|
|
# Let's Encrypt will use this to contact you about expiring
|
|
# certificates, and issues related to your account.
|
|
email: thrawn235@gmail.com
|
|
server: https://acme-v02.api.letsencrypt.org/directory
|
|
privateKeySecretRef:
|
|
# Secret resource that will be used to store the account's private key.
|
|
name: letsencrypt
|
|
# Add a single challenge solver, HTTP01 using nginx
|
|
solvers:
|
|
- http01:
|
|
ingress:
|
|
class: nginx
|
|
serviceType: ClusterIP |