You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We have recently added a feature to MKE 4 that allows users to set their own TLS certificates for UI by changing the certificates of the ingress controller.
In addition to the UI, in MKE 4, it is also possible to set TLS certs using CLI and mkectl. This is a new feature compared to MKE 4 where the only way to set certs was via UI.
The steps for setting the certs with mkectl are described in the description of this PR but I’ll put the essential part below:
Create a new TLS cert and key signed by a trusted CA. It must include the external address as well as the IP addresses of all manager nodes in the list of allowed hosts. Assuming the MKE 4 config file is named mke4.yaml, you can get the list of all required hosts by running this command:
We have recently added a feature to MKE 4 that allows users to set their own TLS certificates for UI by changing the certificates of the ingress controller.
The UI part is almost identical to what we had in MKE 3 - https://docs.mirantis.com/mke/3.7/ops/administer-cluster/use-your-own-tls-certificates.html
The only difference is that we removed the Client CA field. Screenshots of the UI can be found here - https://github.com/MirantisContainers/mke-dashboard/pull/255
In addition to the UI, in MKE 4, it is also possible to set TLS certs using CLI and mkectl. This is a new feature compared to MKE 4 where the only way to set certs was via UI.
The steps for setting the certs with mkectl are described in the description of this PR but I’ll put the essential part below:
If you're on Linux, use base64 -w0 instead
The ingress controller section in the config file should have the following now
The text was updated successfully, but these errors were encountered: