使用Cert-Manager,NGINX Ingress和Let's Encrypt为Kubernetes服务配置TLS / SSL
[英]Configure TLS/SSL for Kubernetes Services using Cert-Manager, NGINX Ingress and Let’s Encrypt
问题描述
I apologize in advance for my english. 
我提前为我的英语道歉。
So, I need to configure a secure connection to my services in Ingress. 因此,我需要在Ingress中配置到我的服务的安全连接。 DNS name (sh220.westeurope.cloudapp.azure.com) registered on virtual machine Azure. 在虚拟机Azure上注册的DNS名称(sh220.westeurope.cloudapp.azure.com)。 Guided by: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/portal-create-fqdn 指导者: https : //docs.microsoft.com/zh-cn/azure/virtual-machines/windows/portal-create-fqdn
But... 但...
..."solver configuration for domain "sh220.westeurope.cloudapp.azure.com" not found. Ensure you have configured a challenge mechanism using the certificate.spec.acme.config field"...
What is "a challenge mechanism"? 什么是“挑战机制”? What am I doing wrong? 我究竟做错了什么?
kubectl describe certificate events:
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal CreateOrder 3s (x5 over 1h) cert-manager Created new ACME order, attempting validation...
Certificate
apiVersion: certmanager.k8s.io/v1alpha1
kind: Certificate
metadata:
name: mysh220-cert
namespace: default
spec:
secretName: mysh220-cert-tls
issuerRef:
name: letsencrypt-staging
commonName: sh220.westeurope.cloudapp.azure.com
dnsNames:
- sh220.westeurope.cloudapp.azure.com
acme:
config:
- http01:
ingress: sh220-ingress
domains:
- westeurope.cloudapp.azure.com
In Ingress spec: 在Ingress规范中:
host: sh220.westeurope.cloudapp.azure.com
tls:
- secretName: mysh220-cert-tls
hosts:
- sh220.westeurope.cloudapp.azure.com
cert-manager-v0.4.1 CERT-经理-v0.4.1
Thanks for any help. 谢谢你的帮助。
1 个解决方案
解决方案1
0 已采纳 2018-08-20 16:25:39
解决我的问题的方法很简单: https : //docs.microsoft.com/zh-cn/azure/aks/ingress
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.