{"id":9402,"date":"2021-10-09T17:45:13","date_gmt":"2021-10-09T09:45:13","guid":{"rendered":"https:\/\/jpuyy.com\/?p=9402"},"modified":"2021-10-09T19:26:20","modified_gmt":"2021-10-09T11:26:20","slug":"letsencrypt-and-cert-manager-in-k8s","status":"publish","type":"post","link":"https:\/\/jpuyy.com\/?p=9402","title":{"rendered":"letsencrypt and cert-manager in k8s"},"content":{"rendered":"

letsencrypt<\/h2>\n

\u5165\u95e8\u6587\u6863
\nhttps:\/\/letsencrypt.org\/getting-started\/<\/p>\n

acme \u610f\u601d Automatic Certificate Management Environment
\nhttps:\/\/datatracker.ietf.org\/doc\/html\/rfc8555<\/p>\n

\u7b7e\u53d1\u7ad9\u70b9\u53ef\u7528\u72b6\u6001
\nhttps:\/\/letsencrypt.status.io\/<\/p>\n

\u68c0\u67e5\u8bc1\u4e66\u5de5\u5177
\nhttps:\/\/letsdebug.net\/<\/p>\n

certbot \u624b\u52a8\u66f4\u65b0\u8bc1\u4e66, \u4e0d\u63a8\u8350\uff0c\u4f46\u53ef\u4ee5\u4e86\u89e3\u8fd0\u884c\u539f\u7406
\nWe don\u2019t recommend this option because it is time-consuming and you will need to repeat it several times per year as your certificate expires.
\nhttps:\/\/certbot.eff.org\/docs\/using.html#manual<\/p>\n

k8s \u91cc\u7684 cert-manager<\/h2>\n
\r\nkubectl get Issuer,ClusterIssuers -A                                     \r\nNAMESPACE   NAME                                                   READY   AGE\r\n            clusterissuer.cert-manager.io\/letsencrypt-production   True    113d\r\n<\/pre>\n
\u67e5\u770b order<\/p>\n
\r\nkubectl get order -A\r\n<\/pre>\n
\u67e5\u770b challenge<\/p>\n
\r\nkubectl get challenge -A\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"
letsencrypt \u5165\u95e8\u6587\u6863 https:\/\/letsencrypt.org\/getting-started\/ acme \u610f\u601d Automatic Certificate Management Environment https:\/\/datatracker.ietf.org\/doc\/html\/rfc8555 \u7b7e\u53d1\u7ad9\u70b9\u53ef\u7528\u72b6\u6001 https:\/\/letsencrypt.status.io\/ \u68c0\u67e5\u8bc1\u4e66\u5de5\u5177 https:\/\/letsdebug.net\/ certbot \u624b\u52a8\u66f4\u65b0\u8bc1\u4e66, \u4e0d\u63a8\u8350\uff0c\u4f46\u53ef\u4ee5\u4e86\u89e3\u8fd0\u884c\u539f\u7406 We don\u2019t recommend this option because it is time-consuming and you will need to repeat it several times per year as your certificate expires. https:\/\/certbot.eff.org\/docs\/using.html#manual k8s \u91cc\u7684 cert-manager kubectl get Issuer,ClusterIssuers -A NAMESPACE NAME READY AGE clusterissuer.cert-manager.io\/letsencrypt-production True […]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[185],"tags":[],"class_list":["post-9402","post","type-post","status-publish","format-standard","hentry","category-kubernetes"],"_links":{"self":[{"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/posts\/9402","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/jpuyy.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=9402"}],"version-history":[{"count":8,"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/posts\/9402\/revisions"}],"predecessor-version":[{"id":9410,"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/posts\/9402\/revisions\/9410"}],"wp:attachment":[{"href":"https:\/\/jpuyy.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=9402"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jpuyy.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=9402"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jpuyy.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=9402"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}