If you want to use your own certificate for the configured domain, you need the following files (in PEM format):
The certificate’s private key
The CA bundle (containing the root and intermediate certificates)
Specify the local file path to these files in the installation config file:
apiVersion: config.kommander.mesosphere.io/v1alpha1 kind: Installation clusterHostname: <mycluster.example.com> ingressCertificate: certificate: <certs/cert.pem> private_key: <certs/key.pem> ca: <certs/ca.pem>
Certificates that Support ACME
You can configure the
cert-manager to automatically issue a trusted certificate for the configured custom domain. The
cert-manager also takes care of renewing the certificate before expiration.
The certificate must be supported by the Automatic Certificate Management Environment or ACME protocol.
Before you start, gather all relevant information (domain, email, keys, PEM file, others) from your certificate provider. We provide a few examples in the next sections: