unboundsoftware/local-k8s
6
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Activity
Files
main
local-k8s/certs/README.md
T
argoyle 58b04fe47e feat(ingress): add TLS configuration for staging hosts 
Add TLS configuration for staging-shiny and staging-shiny-api 
hosts in the ingress resources. Create a new namespace for 
ingress-nginx to better organize resources. Update kustomization 
files to include new certificates and secrets. Streamline setup 
process with improved wait commands for pod readiness.
2025-12-10 08:16:27 +01:00

908 B
Raw Permalink Blame History

Certificates

This section contains the CA certificates used for testing. The only step necessary is to install the CA. The rest of the documentation is for reference.

Setup

First we generate a key for our CA certificate:

openssl genrsa -out local-ca.key 2048

Then generate the CA certificate:

openssl req -new -x509 -nodes -days 365000 \
   -key local-ca.key \
   -out local-ca.pem

Generate a k8s secret:

kubectl create secret generic ca-key-pair2 \
  --from-literal=tls.crt="$(cat local-ca.pem)" \
  --from-literal=tls.key="$(cat local-ca.key)"

The certificates.yaml contains the secrets already and wil be used by cert-manager to sign certificates.

Install and trust the CA

sudo security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" local-ca.pem
Reference in New Issue View Git Blame Copy Permalink