Hi Team,
I deployed Kong in k8s cluster without having an ingress controller , exposed as a Load Balancer , suggest me how to deploy SSL certificate on Kong.
Thanks,
Arun.
Hi Team,
I deployed Kong in k8s cluster without having an ingress controller , exposed as a Load Balancer , suggest me how to deploy SSL certificate on Kong.
Thanks,
Arun.
You have to create tls secret -
Example -
kubectl create secret tls kong-gateway-tls-secret -n kong --key /path/to/cert.key --cert /path/to/cert.crt
After that mount that secret using helm secretVolumes as follows -
#Inject specified secrets as a volume in Kong Container at path /etc/secrets/{secret-name}/
secretVolumes:
- kong-gateway-tls-secret
After that simply add those paths to cert and key mapping in env section of helm as follows -
env:
ssl_cert: '/etc/secrets/kong-gateway-tls-secret/tls.crt'
ssl_cert_key: '/etc/secrets/kong-gateway-tls-secret/tls.key'
Make sure to add DNS record with LoadBalancerIP.
Let me know if that helps .
Hi Team,
I have gone with the same setup in Kong config
env:
ssl: “on”
ssl_cert: “/etc/secrets/kong-my-tls-secret/tls.crt”
ssl_cert_key: “/etc/kong-secrets/my-tls-secret/tls.key”
secretVolumes:
this is working fine for my Kong setup to enable TLS configuration without a ingress , thanks.