apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
spec:
selfSigned: {}
---
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: letsencrypt-ca
namespace: sandbox
spec:
ca:
secretName: letsencrypt-ca
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: letsencrypt-ca
namespace: sandbox
spec:
isCA: true
commonName: osm-system
secretName: letsencrypt-ca
issuerRef:
name: letsencrypt-prod
kind: ClusterIssuer
group: cert-manager.ioCode language: JavaScript (javascript)
kubectl get secret --namespace=sandbox
NAME TYPE DATA AGE
letsencrypt-ca kubernetes.io/tls 3 Xs
kubectl get certificates --namespace=sandboxCode language: JavaScript (javascript)
Secure Ingress Resources With Cert Manager
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-test
annotations:
# Set up your ingress.class below (in this example, we are using nginx ingress controller)
kubernetes.io/ingress.class: "nginx"
cert-manager.io/issuer: "letsencrypt-prod"
spec:
tls:
# Replace the DOMAIN placeholder with the correct domain name
- hosts:
- DOMAIN
secretName: letsencrypt-ca
rules:
# Replace the DOMAIN placeholder with the correct domain name
- host: DOMAIN
http:
paths:
- path: /
pathType: Exact
backend:
service:
name: ingress-test
port:
number: 80
I’m Rajesh Kumar, a DevOps, SRE, DevSecOps, Cloud, and Platform Engineering expert passionate about sharing practical knowledge, real-world experiences, and industry best practices. I have worked at Cotocus and regularly write about technology, travel, investing, health, product reviews, and digital marketing through my various platforms.
I publish technical articles at DevOps School, travel stories at Holiday Landmark, stock market insights at Stocks Mantra, health and fitness guidance at My Medic Plus, product reviews at TrueReviewNow, and SEO and digital marketing strategies at Wizbrand.
Find Trusted Cardiac Hospitals
Compare heart hospitals by city and services โ all in one place.
Explore Hospitals