...
Create a cluster-issuer and a certificate/secret for the self signed root CA
Code Block | ||||
---|---|---|---|---|
| ||||
apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: selfsigned-rootca-cluster-issuer spec: selfSigned: {} --- apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: selfsigned-rootca namespace: default spec: isCA: true duration: 2160h # 90d renewBefore: 360h # 15d commonName: selfsigned-rootca subject: organizations: - oran organizationalUnits: - oran countries: - Ireland localities: - Dublin streetAddresses: - Main Street secretName: cm-cluster-issuer-rootca-secret privateKey: rotationPolicy: Always algorithm: RSA encoding: PKCS1 size: 2048 issuerRef: name: selfsigned-rootca-cluster-issuer kind: ClusterIssuer group: cert-manager.io dnsNames: - localhost - minikube ipAddresses: - 127.0.0.1 - 192.168.49.2 emailAddresses: - ca@mail.com |
Create an issuer for the self signed root CA
Code Block | ||||
---|---|---|---|---|
| ||||
apiVersion: cert-manager.io/v1 kind: Issuer metadata: name: cm-ca-issuer namespace: default spec: ca: secretName: cm-cluster-issuer-rootca-secret |
...