Configure TLS certificates
#
TLS certificatesYou need to configure TLS certificates. For now, you can:
- Use self-signed certificates. Useful for a quick and dirty setup, to test the deployment of the application. They will be some issues with the integration. Not recommended for anything else than initial testing.
- Upload your certificates.
- Use an existing Kubernetes secret containing the certificates. If you have a certificate manager in your Kubernetes cluster, this can be useful.
#
Admin ConsoleTo upload new certificates for the admin console, follow these instructions.
Short version:
kubectl -n default annotate secret kotsadm-tls acceptAnonymousUploads=1# Get pods namekubectl get pods -A | grep kurl-proxy | awk '{print $2}'kubectl delete pods PROXY_SERVER
#
ApplicationYou can upload new certificates by replacing the uploaded files. Save your configuration and redeploy when prompted to.