Skip to content
This repository has been archived by the owner on Apr 17, 2019. It is now read-only.

ingress controllers (full)-chain support? #1131

Closed
MaxDaten opened this issue Jun 3, 2016 · 5 comments
Closed

ingress controllers (full)-chain support? #1131

MaxDaten opened this issue Jun 3, 2016 · 5 comments
Labels
area/ingress lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed.

Comments

@MaxDaten
Copy link

MaxDaten commented Jun 3, 2016

Hi,

we are currently using a Lets Encrypt service to create and renew certificates. Besides #952 makes it currently impossible (?) to update the cert for the ingress controller automatically (maybe an kubectl apply/replace on the ingress is enough to force a reload?), we need to install the full-chain, otherwise android would reject the cert (https://community.letsencrypt.org/t/on-android-6-0-1-the-certificate-is-untrusted/7815). Is there a support for the full-chain? The certificates for the GCE Load-Balancer offers a field to enter the (full)chain.pem.
@bprashanth
Copy link

bprashanth commented Jun 3, 2016
edited
Loading

Besides #952 makes it currently impossible (?) to update the cert for the ingress controller automaticall

Not automatically in verions < 0.6.3, you can do so through gcloud still.
Cert updates work in 0.6.3, which is the version of the controller that we ship with the next kube release (you can get it right now by just changing the image version in your RC with kubectl edit and deleting the current pod).

Is there a support for the full-chain? The certificates for the GCE Load-Balancer offers a field to enter the (full)chain.pem.

Can you just concat your certs? kubernetes/kubernetes#24669

@bprashanth bprashanth self-assigned this Jun 3, 2016
@MaxDaten
Copy link
Author

MaxDaten commented Jun 4, 2016

Not automatically in verions < 0.6.3, you can do so through gcloud still.
Cert updates work in 0.6.3, which is the version of the controller that we ship with the next kube release

Thanks for clearing this up. I'm looking forward to it.

Can you just concat your certs? kubernetes/kubernetes#24669

I will try it next week. Thanks.

@fejta-bot
Copy link

Issues go stale after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

Prevent issues from auto-closing with an /lifecycle frozen comment.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or @fejta.
/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Dec 15, 2017
@fejta-bot
Copy link

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or @fejta.
/lifecycle rotten
/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Jan 14, 2018
@fejta-bot
Copy link

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/close

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
area/ingress lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@MaxDaten @eparis @bprashanth @k8s-ci-robot @fejta-bot