issuer

README.md

@@ -84,7 +84,9 @@ http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-da
 
 ### create issuers
 
-    ....
+    adapt email!
+    kubectl apply -f letsencrypt-staging.yaml
+    kubectl apply -f letsencrypt-prod.yaml
 
 ### default issuer
     

letsencrypt-prod.yaml

@@ -0,0 +1,16 @@
+apiVersion: certmanager.k8s.io/v1alpha1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt
+spec:
+  acme:
+    # You must replace this email address with your own.
+    # Let's Encrypt will use this to contact you about expiring
+    # certificates, and issues related to your account.
+    email: sysadm@zknt.org
+    server: https://acme-v02.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      # Secret resource used to store the account's private key.
+      name: leprod-issuer-account-key
+    # Enable the HTTP01 challenge mechanism for this Issuer
+    http01: {}

letsencrypt-staging.yaml

@@ -0,0 +1,16 @@
+apiVersion: certmanager.k8s.io/v1alpha1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-staging
+spec:
+  acme:
+    # You must replace this email address with your own.
+    # Let's Encrypt will use this to contact you about expiring
+    # certificates, and issues related to your account.
+    email: sysadm@zknt.org
+    server: https://acme-staging-v02.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      # Secret resource used to store the account's private key.
+      name: lestaging-issuer-account-key
+    # Enable the HTTP01 challenge mechanism for this Issuer
+    http01: {}