Sharing certificate between different namespaces

markrity · February 17, 2025, 1:09pm

Hi, we have different IngressRoute objects on different namespaces , but we use the same wildcard certificate for all those IngressRoutes.

Each IngressRoute has this at tls:

  tls:
    options:
      name: tls-options
    secretName: wildcard

Certificate object is getting issued on a namespace called staging.
So what we do right now is copy the created Secret from staging to all other namespaces that we need. But there are many downsides for this strategy.

Is there a better approach for auto provisioned certificates?

dkrizic · February 20, 2025, 10:17pm

Use the Gateway API, the certificate is defined in the Gateway and HTTPRoutes can be attached to the gateway sharing the certificate.

YuryHrytsuk · October 2, 2025, 1:06pm

I am asking similar (the same?) question in Documentation: clearly document Kubernetes Ingress Class namespaced tls certificate misconception · Issue #12116 · traefik/traefik · GitHub

Topic		Replies	Views
How do you share TLS Certificates across namespaces for Traefik Ingress'es Traefik v3 (latest) kubernetes-ingress	3	224	October 21, 2025
How to use the same wildcard TLS certificate in multiple IngressRoutes in different namespaces? Traefik v2 kubernetes-crd , kubernetes-ingress	5	4926	August 19, 2019
Can I set namespace for TLS secretName in IngressRoute? Traefik v2 kubernetes-crd	4	8855	October 29, 2019
Using Wildcard certificate for Traefik v2 in Kubernetes Traefik v2 kubernetes-ingress	0	465	April 23, 2020
Ingress does not respect terminating secret Traefik v3 (latest) kubernetes-ingress	5	106	October 2, 2025

Sharing certificate between different namespaces

Related topics