Configure TLS certificates
TLS certificates#
You need to configure TLS certificates. For now, you can:
- Use self-signed certificates. Useful for a quick and dirty setup, to test the deployment of the application. They will be some issues with the integration. Not recommended for anything else than initial testing.
- Upload your certificates.
- Use an existing Kubernetes secret containing the certificates. If you have a certificate manager in your k8s cluster, this can be useful.
Admin Console#
To upload new certificates for the admin console, follow these instructions.
Short version:
kubectl -n default annotate secret kotsadm-tls acceptAnonymousUploads=1# Get pods namekubectl get pods -A | grep kurl-proxy | awk '{print $2}'kubectl delete pods PROXY_SERVERApplication#
You can upload new certificates by replacing the uploaded files. Save your configuration and redeploy when prompted to.