Multiple certificates in TLSstore

Traefik Traefik v2
1

Hello,

I want to use two wildcard certificates in my cluster. One for *.sub.domain.com and one for *.domain.com.

I have already created a TLSStore containing *.domain.com as a default certificate replacing the TRAEFIK DEFAULT CERT. This works nicely, and Ingresses specifying a whatever.domain.com gets this certificate.

Now, I also want to add routes to whatever.sub.domain.com, and I wonder how this should be done. Is it possible to add more than one certificate to the TLSStore? Does this then need to be referenced somehow by Ingresses or IngressRoutes using hostnames where this certificate is needed, or is it solved automagically?

Best regards,
Øystein

2

For "regular" Traefik with Docker (no kubernetes), we just place multiple wildcard certs in the config:

#traefik-dynamic.yml
tls:
  options:
    default:
      minVersion: VersionTLS12
  certificates:
    - certFile: /traefik/example.com.crt
      keyFile: /traefik/example.com.key
    - certFile: /traefik/example2.com.crt
      keyFile: /traefik/example2.com.key
3

is there a way todo this in k8s ? right now im stuck on this that i cant confiugre multi domain

4

Did you look at cert-manager? From what I read it’s the best practice tool for Traefik and TLS in k8s. Blog Post.