Skip to main content
Skip table of contents

Configuration Example with Let's Encrypt

Configure a Custom Certificate with Let’s Encrypt

Let’s Encrypt is one of the Certificate Authorities (CA) supported by cert-manager. To set up a Let’s Encrypt certificate, create an Issuer or ClusterIssuer in the target cluster and then reference it in the issuerRef field of the KommanderCluster resource.

  1. Create the Let’s Encrypt ACME cert-manager issuer:

    CODE
    cat <<EOF | kubectl apply -f -
    apiVersion: cert-manager.io/v1
    kind: ClusterIssuer
    metadata:
      name: custom-acme-issuer
    spec:
      acme:
        email: <your_email>
        server: https://acme-v02.api.letsencrypt.org/directory
        privateKeySecretRef:
          name: kommander-acme-issuer-account
        solvers:
          - dns01:
              route53:
                region: us-east-1
                role: arn:aws:iam::YYYYYYYYYYYY:role/dns-manager
    EOF

  2. Configure the Management cluster to use your custom-domain.example.com with a certificate issued by Let’s Encrypt by referencing the created ClusterIssuer:

    CODE
    cat <<EOF | kubectl -n kommander --kubeconfig <management_cluster_kubeconfig> patch \ kommandercluster host-cluster  --type='merge' --patch-file=/dev/stdin
    spec:
      ingress:
        hostname: custom-domain.example.com
        issuerRef:
          name: custom-acme-issuer
          kind: ClusterIssuer
    EOF

Related Topics

Why Should you set up a Custom Domain or Certificate?

Configure Custom Domains or Custom Certificates

Verify and Troubleshoot Configuration Status

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.