Running into an issue whereby Traefik can't seem to see/find a secret which contains TLS certs.
tls.crt: base 64 encoded crt file LS0tLS1CRUd....
tls.key: base 64 encoded key file LS0tLS1CRUd....
- match: Host(`my-app.domain`)
- name: my-app
- name: ipwhitelist
Error I'm getting from Traefik
Error configuring TLS: secret my-namespace/mysecret does not exist" ingress=my-app namespace=my-namespace providerName=kubernetescrd
Anyone else running into issues like this? Any ideas?
Could you explain how do you have created your Secret yaml file please?
Is it a self-signed certs ?
Sure! I used the below YAML as per the docs
And nope! Not self signed.
So, you're in the same situation as me, you need to replace the tls.crt / tls.key data with real keys/crt, and base64 encoded. The documentation doesn't explain how.
Just to confirm..
I didn't use the defaults from the documentation. I did replace tls.crt and tls.key with the real certificate.
I quoted them as below to keep the crt and key private.
Oh ok, could you please tell me how did you do that please? I've believed you was in the same situation as me.
Sure! You can use something like the below..
kubectl create secret tls CERT_NAME --key KEY_FILE --cert CERT_FILE
Replacing CERT_NAME for what you want the secret to be called. KEY_FILE with the cert .key file. Finally CERT_FILE with the cert .crt file
You can also add -n namespace to place it in a certain namespace.
Hope your's work!
Thanks a lots, but I would mean, how to generate the .crt / .key file, because I've believed openssl tool was requirede only for self-signed TLS, and I've believed Traefik could request TLS automaticaly.
To not continue to hijack your initial post, you may be prefer to answer on this thread: Question about kubernetes secret for TLS on v2 CRD