SSL Certificates using Letsencrypt
Generate certificates
Install letsencrypt and certbot.
Generate Certificate.
The above command will ask for
_acme-challenge
, since the chosen challenge is of type DNS. Create the_acme-challenge
TXT DNS record accordingly, and continue with the above prompt to certs generation.The generated certs should be present in
/etc/letsencrypt
directory.
Renew certificates
Run the same generate certs command to renew certs.
The above command will generate new pair of certificates. The DNS challenge needs to be performed again, as prompted.
Run the following to upload new certs back to Kubernetes Cluster. Adjust the certs path in the below command.
Last updated