Guillaume B.B. Van Hemmen
d271b24685
Switched the ACME server to Let's Encrypt production for certificate issuance. Added a new ClusterIssuer resource for staging to support testing without hitting rate limits.
37 lines
1.1 KiB
YAML
37 lines
1.1 KiB
YAML
apiVersion: cert-manager.io/v1
|
|
kind: ClusterIssuer
|
|
metadata:
|
|
name: letsencrypt-production
|
|
namespace: cert-manager
|
|
spec:
|
|
acme:
|
|
email: acme@van-hemmen.com
|
|
# We use the production server here
|
|
server: https://acme-v02.api.letsencrypt.org/directory
|
|
privateKeySecretRef:
|
|
# if not existing, it will register a new account and stores it
|
|
name: letsencrypt-production
|
|
solvers:
|
|
- http01:
|
|
# The ingressClass used to create the necessary ingress routes
|
|
ingress:
|
|
class: traefik
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: ClusterIssuer
|
|
metadata:
|
|
name: letsencrypt-staging
|
|
namespace: cert-manager
|
|
spec:
|
|
acme:
|
|
email: acme@van-hemmen.com
|
|
# We use the staging server here for testing to avoid hitting rate limiting
|
|
server: https://acme-staging-v02.api.letsencrypt.org/directory
|
|
privateKeySecretRef:
|
|
# if not existing, it will register a new account and stores it
|
|
name: letsencrypt-staging
|
|
solvers:
|
|
- http01:
|
|
# The ingressClass used to create the necessary ingress routes
|
|
ingress:
|
|
class: traefik
|