Versions Compared

Old Version 4

changes.mady.by.user Kevin Timoney

Saved on

compared with

New Version 5

changes.mady.by.user Kevin Timoney

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Create a cluster-issuer and a certificate/secret for the self signed root CA

Code Block
languageyml
titleClusterIssuer
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: selfsigned-rootca-cluster-issuer
spec:
  selfSigned: {}
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: selfsigned-rootca
  namespace: default
spec:
  isCA: true
  duration: 2160h # 90d
  renewBefore: 360h # 15d
  commonName: selfsigned-rootca
  subject:
    organizations:
      - oran
    organizationalUnits:
      - oran
    countries:
      - Ireland
    localities:
      - Dublin
    streetAddresses:
      - Main Street
  secretName: cm-cluster-issuer-rootca-secret
  privateKey:
    rotationPolicy: Always
    algorithm: RSA
    encoding: PKCS1
    size: 2048
  issuerRef:
    name: selfsigned-rootca-cluster-issuer
    kind: ClusterIssuer
    group: cert-manager.io
  dnsNames:
  - localhost
  - minikube
  ipAddresses:
    - 127.0.0.1
    - 192.168.49.2
  emailAddresses:
    - ca@mail.com


Create an issuer for the self signed root CA

Code Block
languageyml
titleIssuer
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: cm-ca-issuer
  namespace: default
spec:
  ca:
    secretName: cm-cluster-issuer-rootca-secret

...