.. | ||
lets-encrypt-issuer.yaml | ||
README.md |
06 | Cert Manager
https://cert-manager.io/docs/installation/kubectl/
Install cert-manager - check for latest version.
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.3/cert-manager.yaml
After cert manager is installed, create API tokens (not keys, but tokens) on cloudflare (User Profile > API Tokens > API Tokens) with permissions:
Permissions:
- Zone - DNS - Edit
- Zone - Zone - Read
Zone Resources:
- Include - All Zones
Configure a the API token as a secret in Kubernetes and replace the in the below command with the token from cloudflare.
kubectl create secret generic cloudflare-api-token-secret --namespace=cert-manager --type=Opaque --from-literal=api-token=<APIKEY>
Create the Let's Encrypt ClusterIssuer:
# Be sure to edit the file and set the production URL if not a test cluster
kubectl apply -f lets-encrypt-issuer.yaml