Azure kubernetes - Istio certificate installation?
Question
I am using ISTIO for service mesh in Azure kubernetes. I have configured private DNS to setup the FQDN. Currently the application is accessible over http protocol(eg: http://myapp.contoso.com ) and I would like to be secured with https protocol(eg: https://myapp.contoso.com ).
I know I have to change the service port to 443 to support https protocol however how/where do I install the SSL certificate for the application (eg: https://myapp.contoso.com )? Is there anything else to be done as well?
2 answers
solution1
2 2020-10-13 05:25:15
That will depend on where do you want the SSL termination to happen, if you want that to happen inside the Azure kubernetes network, then you can do SSL termination at ingress layer.
Or otherwise you can also do the termination at application gateway layer of Azure ( if you want to avail this service from azure, the redirection from http to https, basic firewall features and adding the pfx certificates at the listeners can be done), ingress can also take care of these things although.
You can install the let's encrypt certificates by using this helm chart and for further steps you can follow this stack overflow link , it shall help you in creating configurations for Istio, ppl have used this solution for Istio as well before
solution2
1 ACCPTED 2020-10-13 05:50:11
I found the answer here Securing Your Istio Ingress Gateway with HTTPS
There is istio documentation about that.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.