Ability to enable TLS on Ingress with custom certificate which exists on the cluster already

Question

Ability to enable TLS on Ingress with custom certificate which exists on the cluster already

yesoos opened this issue 2 months ago · comments

Which component:
sealed-secrets helm chart v2.15.2

Is your feature request related to a problem? Please describe.
I would like to use a tls secret for the ingress which already exists on the cluster. For now it's not possible to enable tls if certificate is not generated, provided in helm or generated by cert-manager

Describe the solution you'd like
Ability to use a precreated secret with tls certificate or just ability to enable tls and use the default ingress certificate.

Alejandro Moreno · Answer 1 · Thu Apr 04 2024 20:03:03 GMT+0800 (China Standard Time)

Hi, @yesoos.

You can provide existing tls secrets using the ingress.extraTls parameter in the chart. For example:

ingress:
  enabled: true
  hostname: my-sealed-secrets.local
  tls: true
  extraTls:
  - hosts:
    - my-sealed-secrets.local
    secretName: my-certificate-secret

yesoos · Answer 2 · Thu Apr 04 2024 20:08:52 GMT+0800 (China Standard Time)

Hi @alemorcuq,

My default cert is in a different namespace (along with ingress controller) so I can't define it like that. Probably best option would be to be able to just enable tls without defining secret and then ingress controller will use the default one.

Alejandro Moreno · Answer 3 · Mon Apr 08 2024 15:09:39 GMT+0800 (China Standard Time)

So removing the secretName in the snippet I shared works for you?

yesoos · Answer 4 · Mon Apr 08 2024 15:49:01 GMT+0800 (China Standard Time)

@alemorcuq that did the trick - thanks for help