27 lines
834 B
Markdown
27 lines
834 B
Markdown
# cert-manager
|
|
|
|
`cert-manager` is used to obtain TLS certificates from Let's Encrypt.
|
|
|
|
Added manifest with:
|
|
|
|
```
|
|
curl -L https://github.com/jetstack/cert-manager/releases/download/v1.6.1/cert-manager.yaml -O
|
|
```
|
|
|
|
To update certificate issuer
|
|
|
|
```
|
|
kubectl apply -f namespace.yml -f cert-manager.yaml
|
|
kubectl apply -f issuer.yml
|
|
kubectl -n cert-manager create secret generic tsig-secret \
|
|
--from-literal=TSIG_SECRET=<secret>
|
|
```
|
|
|
|
Workaround for webhook timeout issue https://github.com/jetstack/cert-manager/issues/2602
|
|
It's not very clear why this is happening, deserves further investigation - presumably Calico related somehow:
|
|
|
|
```
|
|
kubectl delete mutatingwebhookconfiguration.admissionregistration.k8s.io cert-manager-webhook
|
|
kubectl delete validatingwebhookconfigurations.admissionregistration.k8s.io cert-manager-webhook
|
|
```
|