I have been using the plugin and like it, but its frustrating to have to create an api key after install, so I am wanting to get the tls mode up and running, so the connection between the plugin and crowdsec is more automated.

That said, i was wanting to use cert manager to create the certs in my kubernetes cluster and manage them for me.

I wondered if anyone had tried and has this working already.

Thanks.

Hello @mannp,

Yes it is definitely possible to manage auto-configuration of bouncer using tls certificates.
There is a documentation in a blog post from Crowdsec: www.crowdsec.net/blog/integrating-crowdsec-kubernetes-tls
The blog post features this Traefik Plugin for demonstration in Kube for Crowdsec TLS.

I just tested and it works well!

Be aware that this adds a dependancy because traefik will mount the TLS certificate as a secret and it needs to be generated before for Traefik can start.

Let me know if that worked for you,

Best,
Mathieu

@mathieuHa Have you ever had the tls cert used for identity expire on you? Mine recently expired and I'm curious if you've been able to provision a new one