Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ingress #27

Open
reesericci opened this issue Jan 22, 2021 · 2 comments
Open

Ingress #27

reesericci opened this issue Jan 22, 2021 · 2 comments
Labels
enhancement New feature or request
Milestone
v2

Comments

@reesericci
Copy link

What would you like to be added

Secure kubernetes ingresses with autocert.

Why this is needed

To make it easy to issue certificates to an ingress controller and terminate tls at the ingress.
@reesericci reesericci added enhancement New feature or request needs triage Waiting for discussion / prioritization by team labels Jan 22, 2021
@maraino
Copy link
Collaborator

maraino commented Jan 25, 2021

This is right now not possible with autocert. The current version of autocert injects containers in pods that takes care of authorizing the first certificate, and take care of the renewals.

To make it available on ingresses you need to save the certificates in a kubernetes.io/tls resource, and monitor them to refresh them. Right now this is not something autocert is ready to do. However it would be possible to hack this, using a pod that takes care of updating the resource once a new certificate is issued. This hack would be out of the scope of autocert.

We can consider this issue for an unplanned version of autocert v2.

@reesericci
Copy link
Author

ok cool. my cluster dns is out of whack currently :)

@dopey dopey added this to the v2 milestone Jan 27, 2021
@dopey dopey removed the needs triage Waiting for discussion / prioritization by team label Jan 27, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
v2
Development

No branches or pull requests
3 participants
@maraino @dopey @reesericci