Create Let's Encrypt certificate for Deepfactor Portal on your K8s cluster

Deepfactor portal requires a TLS certificate to encrypt traffic between the portal and your applications running with Deepfactor enabled. This articles describes the steps needed to generate a Let's Encrypt certificate.

1. Install Cert Manager

helm repo add jetstack https://charts.jetstack.io 
helm repo update
kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.6.1/cert-manager.crds.yaml
helm install \
cert-manager jetstack/cert-manager \
--namespace cert-manager \
--create-namespace \
--version v1.6.1 \
--set prometheus.enabled=false

2. Create Deepfactor namespace

kubectl create ns deepfactor

3. Create issuer for Let’s Encrypt

Create yaml file, le-issuer.yaml for Let's Encrypt issuer as follows. Replace the highlighted configs as applicable

apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: letsencrypt-issuer
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: matt@example.io
privateKeySecretRef:
name: letsencrypt-issuer
solvers:
- http01:
ingress:
class: nginx

 

Use the following command to create issuer for Let's encrypt using the file (le-issuer.yaml) created above

kubectl -n deepfactor apply -f le-issuer.yaml

 

4. Create CA certificate

wget https://letsencrypt.org/certs/isrgrootx1.pem
kubectl -n deepfactor create secret generic df-certs-ingress --from-file=portalca.crt=isrgrootx1.pem

5. Create a certificate for the portal

Create yaml for Certificate as follows. Replace the highlighted configs as applicable

apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: dfp-letsencrypt.dmux.in
spec:
secretName: dfp-letsencrypt.dmux.in
dnsNames:
- dfp-letsencrypt.dmux.in
issuerRef:
name: letsencrypt-issuer
kind: Issuer
group: cert-manager.io

Use the following commands to create a Let's Encrypt certificate using the file (cert.yaml) created above

kubectl -n deepfactor apply -f cert.yaml


Next steps

Continue installation of Deepfactor Portal using Helm 

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.