Skip to main content

Configure TLS certificates

TLS certificates#

You need to configure TLS certificates. For now, you can:

  • Use self-signed certificates. Useful for a quick and dirty setup, to test the deployment of the application. They will be some issues with the integration. Not recommended for anything else than initial testing.
  • Upload your certificates.
  • Use an existing Kubernetes secret containing the certificates. If you have a certificate manager in your Kubernetes cluster, this can be useful.

Admin Console#

To upload new certificates for the admin console, follow these instructions.

Short version:

kubectl -n default annotate secret kotsadm-tls acceptAnonymousUploads=1# Get pods namekubectl get pods -A | grep kurl-proxy | awk '{print $2}'kubectl delete pods PROXY_SERVER

Application#

You can upload new certificates by replacing the uploaded files. Save your configuration and redeploy when prompted to.