From 838734f7a986154f9a688a6353267d69888d3a29 Mon Sep 17 00:00:00 2001
From: chris <cg@zknt.org>
Date: Mon, 20 May 2019 13:37:13 +0200
Subject: [PATCH] issuer

---
 README.md                |  4 +++-
 letsencrypt-prod.yaml    | 16 ++++++++++++++++
 letsencrypt-staging.yaml | 16 ++++++++++++++++
 3 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 letsencrypt-prod.yaml
 create mode 100644 letsencrypt-staging.yaml

diff --git a/README.md b/README.md
index 0985c20..ddfb717 100644
--- a/README.md
+++ b/README.md
@@ -84,7 +84,9 @@ http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-da
 
 ### create issuers
 
-    ....
+    adapt email!
+    kubectl apply -f letsencrypt-staging.yaml
+    kubectl apply -f letsencrypt-prod.yaml
 
 ### default issuer
     
diff --git a/letsencrypt-prod.yaml b/letsencrypt-prod.yaml
new file mode 100644
index 0000000..8505c25
--- /dev/null
+++ b/letsencrypt-prod.yaml
@@ -0,0 +1,16 @@
+apiVersion: certmanager.k8s.io/v1alpha1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt
+spec:
+  acme:
+    # You must replace this email address with your own.
+    # Let's Encrypt will use this to contact you about expiring
+    # certificates, and issues related to your account.
+    email: sysadm@zknt.org
+    server: https://acme-v02.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      # Secret resource used to store the account's private key.
+      name: leprod-issuer-account-key
+    # Enable the HTTP01 challenge mechanism for this Issuer
+    http01: {}
diff --git a/letsencrypt-staging.yaml b/letsencrypt-staging.yaml
new file mode 100644
index 0000000..c905ea4
--- /dev/null
+++ b/letsencrypt-staging.yaml
@@ -0,0 +1,16 @@
+apiVersion: certmanager.k8s.io/v1alpha1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-staging
+spec:
+  acme:
+    # You must replace this email address with your own.
+    # Let's Encrypt will use this to contact you about expiring
+    # certificates, and issues related to your account.
+    email: sysadm@zknt.org
+    server: https://acme-staging-v02.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      # Secret resource used to store the account's private key.
+      name: lestaging-issuer-account-key
+    # Enable the HTTP01 challenge mechanism for this Issuer
+    http01: {}