#0000 - Switch ACME server to production and add staging ClusterIssuer
Switched the ACME server to Let's Encrypt production for certificate issuance. Added a new ClusterIssuer resource for staging to support testing without hitting rate limits.
This commit is contained in:
parent
6bf8d75310
commit
d271b24685
1 changed files with 20 additions and 1 deletions
|
|
@ -6,7 +6,7 @@ metadata:
|
||||||
spec:
|
spec:
|
||||||
acme:
|
acme:
|
||||||
email: acme@van-hemmen.com
|
email: acme@van-hemmen.com
|
||||||
# We use the staging server here for testing to avoid hitting
|
# We use the production server here
|
||||||
server: https://acme-v02.api.letsencrypt.org/directory
|
server: https://acme-v02.api.letsencrypt.org/directory
|
||||||
privateKeySecretRef:
|
privateKeySecretRef:
|
||||||
# if not existing, it will register a new account and stores it
|
# if not existing, it will register a new account and stores it
|
||||||
|
|
@ -16,3 +16,22 @@ spec:
|
||||||
# The ingressClass used to create the necessary ingress routes
|
# The ingressClass used to create the necessary ingress routes
|
||||||
ingress:
|
ingress:
|
||||||
class: traefik
|
class: traefik
|
||||||
|
---
|
||||||
|
apiVersion: cert-manager.io/v1
|
||||||
|
kind: ClusterIssuer
|
||||||
|
metadata:
|
||||||
|
name: letsencrypt-staging
|
||||||
|
namespace: cert-manager
|
||||||
|
spec:
|
||||||
|
acme:
|
||||||
|
email: acme@van-hemmen.com
|
||||||
|
# We use the staging server here for testing to avoid hitting rate limiting
|
||||||
|
server: https://acme-staging-v02.api.letsencrypt.org/directory
|
||||||
|
privateKeySecretRef:
|
||||||
|
# if not existing, it will register a new account and stores it
|
||||||
|
name: letsencrypt-staging
|
||||||
|
solvers:
|
||||||
|
- http01:
|
||||||
|
# The ingressClass used to create the necessary ingress routes
|
||||||
|
ingress:
|
||||||
|
class: traefik
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue