I have deployed Kubernetes on aws with cert-manager and lets encrypt in private subnet and I have deployed an application load balancer on aws to expose outside. its https-01 challenge and what record do I need to create on the domain provider? if it A record load balancer ip keeps on changing or do I configure Cname with load balancer DNS name? please confirm
You need to configure an A record for http-01 challenge. However if your IP keeps changing then you need to consider using the DNS-01 challenge. Make sure to use a supported DNS provider like Route53.
Try this: apiVersion: v1 kind: Secret metadata: name: letsencrypt-prod type: Opaque data: # Add your private key data here in base64-encoded format private_key: PGJhc2U2NC1lbmNvZGVkLXByaXZhdGUta2V5Pgo=
damn bro, this guy provides the best i've seen explanation of topics while doing all the work and providing manifests for free and you've got an attitude to make such miserable comment
This was amazing. Thank you soo much. I have a better understanding of cert-manager and ingress controller operations
Hello ! Thanks for the videos, helped me a lot to understand some topics ! Can I ask what tool do you use to make the visuals ?
how to renew automatically let's encrypt certificate on ingress controller
I have deployed Kubernetes on aws with cert-manager and lets encrypt in private subnet and I have deployed an application load balancer on aws to expose outside. its https-01 challenge and what record do I need to create on the domain provider? if it A record load balancer ip keeps on changing or do I configure Cname with load balancer DNS name? please confirm
You need to configure an A record for http-01 challenge. However if your IP keeps changing then you need to consider using the DNS-01 challenge. Make sure to use a supported DNS provider like Route53.
How did you create secret, I did't see where did you create secret in the video
Try this:
apiVersion: v1
kind: Secret
metadata:
name: letsencrypt-prod
type: Opaque
data:
# Add your private key data here in base64-encoded format
private_key: PGJhc2U2NC1lbmNvZGVkLXByaXZhdGUta2V5Pgo=
he already created secret, he didn't show us to save time. u can find it created 17 secs ago ..
Almost fell asleep
damn bro, this guy provides the best i've seen explanation of topics while doing all the work and providing manifests
for free
and you've got an attitude to make such miserable comment