docker run -v $PWD/certs:/certs \
-e SSL_SUBJECT=test.example.com \
-e SSL_DNS=test.example.com,test2.example.com \
-e SSL_IP=10.0.0.1 \
superseb/omgwtfssl
docker run -d --restart=unless-stopped \
-p 80:80 -p 443:443 \
-v $PWD/certs/cert.pem:/etc/rancher/ssl/cert.pem \
-v $PWD/certs/key.pem:/etc/rancher/ssl/key.pem \
-v $PWD/certs/ca.pem:/etc/rancher/ssl/cacerts.pem \
rancher/rancher:latest
Use the created certificate files to create the secrets in Kubernetes.
kubectl -n cattle-system create secret tls tls-rancher-ingress --cert=$PWD/certs/cert.pem --key=$PWD/certs/key.pem
Hi Sebastian,
I'm trying to generate certs for an HA setup:
docker run -v $PWD/certs:/certs
-e SSL_SUBJECT=rancher.my.org
-e SSL_DNS=rancher.my.org
-e SSL_IP=10.0.0.1
-e K8S_SAVE_CA_CRT=true
-e K8S_NAME=cattle-keys-ingress
-e K8S_NAMESPACE=cattle-system
paulczar/omgwtfssl
(from https://rancher.com/docs/rancher/v2.x/en/installation/ha/helm-rancher/tls-secrets/)
kubectl -n cattle-system create secret tls tls-rancher-ingress
--cert=tls.crt
--key=tls.key
and get:
error: failed to load key pair tls: failed to find any PEM data in certificate input
I haven't changed my rancher-cluster.yml file and is like this:
nodes:
user: admin
role: [controlplane,worker,etcd]
user: admin
role: [controlplane,worker,etcd]
user: admin
role: [controlplane,worker,etcd]
services:
etcd:
snapshot: true
creation: 6h
retention: 24h
Any clue to fix this cert issue ?
Thank you