Ok, I'm trying to use Traefik with K8S for the first time. I followed a tutorial and the instructor used Cloudflare, but I would like to use Lets Encrypt. When I finished all the settings, HTTPS was enabled, but with self-signed certificates. How do I fix this?
These are the values I used to deploy my helm:
additionalArguments:
- --certificatesresolvers.generic.acme.email=my-email-here
- --certificatesresolvers.generic.acme.caServer=https://acme-v02.api.letsencrypt.org/directory
- --certificatesresolvers.generic.acme.httpChallenge.entryPoint=web
- --certificatesresolvers.generic.acme.storage=/ssl-certs/acme-generic.json
logs:
general:
level: INFO
ports:
web:
redirectTo: websecure
websecure:
tls:
enabled: true
ingressRoute:
dashboard:
enabled: false
persistence:
enabled: true
name: ssl-certs
size: 1Gi
path: /ssl-certs
deployment:
initContainers:
- name: volume-permissions
image: busybox:1.31.1
command: ['sh', '-c', 'chmod -Rv 600 /ssl-certs/*']
volumeMounts:
- name: ssl-certs
mountPath: /ssl-certs
ingressClass:
enabled: true
isDefaultClass: true
and this is my ingress:
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: traefik
# annotations:
# (Optional): Annotations for the Ingress Controller
# -- ingress class is needed when traefik is not the default
# kubernetes.io/ingress.class: traefik
# ---
# -- entrypoint and tls configurations
# traefik.ingress.kubernetes.io/router.entrypoints: web, websecure
# traefik.ingress.kubernetes.io/router.tls: "true"
# ---
# -- optional middlewares
# traefik.ingress.kubernetes.io/router.middlewares:your-middleware@kubernetescrd
# ---
spec:
rules:
- host: 'my-domain.com'
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: profitor-web-service
port:
number: 80
Finally, this is my errror:
MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT
Can someone please help me? This is the last step for a client's project.
Edit: I'm using v. 18.0.3 in helm.