Ingress configuration for multi-domain acme certificates

I have a case where I need a certificate with two subjects (main subject + alt subject) to be created through an ACME provider. I see in the documentation how to do it with IngressRoutes, but I'm stuck with Kubernetes Ingress for this setup.

The use case is two ingresses (one per cluster) with a GSLB in front of them that will redirect traffic for a different name that is normally configured for the ingresses. Something like:

lb.service.com
  |----1.service.com
  |----2.service.com

So normally, I'd create two ingresses on each cluster:

The thing is that the certificate validation won't work for lb.service.com, as there wouldn't be any way to figure out if this is the cluster for 1.service.com that will get the request or the other one. So my only option is having, on each cluster, a cert created for the main ingress (either 1.service.com or 2.service.com), both having lb.service.com as alt subject.

How can I achieve this with the Kubernetes ingress provider?

Thanks.

P.S. Using Traefik 2.5.4

Finally found out by digging into ingress annotations for traefik.

The goal is achieved by the use of these annotations:

traefik.ingress.kubernetes.io/router.tls.domains.n.main
traefik.ingress.kubernetes.io/router.tls.domains.n.sans

which will be sent to the certificate authority to create a certificate with subject: (domains.0.main) and alternate subjects: (domains.n.sans)

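A sketch of the Ingress for the first cluster using the annotations named in the answer, added here as an illustration and not taken from the thread. The Ingress and Service names, the `websecure` entry point and the `letsencrypt` certificate resolver are assumptions. The resolver is assumed to use a DNS-01 challenge, because the CA validates every name on the certificate and an HTTP-01 request for lb.service.com can be routed by the GSLB to either cluster.

```yaml
# Cluster 1 (the second cluster uses 2.service.com as "main" and keeps the same SAN).
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: service                      # hypothetical name
  annotations:
    traefik.ingress.kubernetes.io/router.entrypoints: websecure      # assumed entry point name
    traefik.ingress.kubernetes.io/router.tls: "true"
    traefik.ingress.kubernetes.io/router.tls.certresolver: letsencrypt  # assumed resolver name
    # Subject of the requested certificate: this cluster's own name.
    traefik.ingress.kubernetes.io/router.tls.domains.0.main: 1.service.com
    # Subject alternative name: the GSLB name shared by both clusters.
    traefik.ingress.kubernetes.io/router.tls.domains.0.sans: lb.service.com
spec:
  rules:
    # Both host names must be routed, otherwise requests arriving
    # through the GSLB name would not match any router.
    - host: 1.service.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: service        # hypothetical backend Service
                port:
                  number: 80
    - host: lb.service.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: service
                port:
                  number: 80
```

Once the certificate is issued, its subject and SAN list can be checked against both names before the GSLB sends traffic to the cluster.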