jpuyy的网志

Think before you speak, read before you think.

letsencrypt and cert-manager in k8s

Oct 9, 2021

—

jpuyy

in Kubernetes

letsencrypt

入门文档
https://letsencrypt.org/getting-started/

acme 意思 Automatic Certificate Management Environment
https://datatracker.ietf.org/doc/html/rfc8555

签发站点可用状态
https://letsencrypt.status.io/

检查证书工具
https://letsdebug.net/

certbot 手动更新证书, 不推荐，但可以了解运行原理
We don’t recommend this option because it is time-consuming and you will need to repeat it several times per year as your certificate expires.
https://certbot.eff.org/docs/using.html#manual

k8s 里的 cert-manager

kubectl get Issuer,ClusterIssuers -A                                     
NAMESPACE   NAME                                                   READY   AGE
            clusterissuer.cert-manager.io/letsencrypt-production   True    113d

查看 order

kubectl get order -A

查看 challenge

kubectl get challenge -A

jpuyy的网志

letsencrypt and cert-manager in k8s

letsencrypt

k8s 里的 cert-manager

Comments

Leave a Reply