rke2 ingress-nginx default ssl certificate

Question

Can anyone advise how to apply the default ssl certificate to ingress-nginx on rke2?

I followed the doc at https://docs.rke2.io/networking/#nginx-ingress-controller
I imported the TLS certificate into a secret
I created this file on each node (6) in the cluster

# /var/lib/rancher/rke2/server/manifests/rke2-ingress-nginx-config.yaml
---
apiVersion: helm.cattle.io/v1
kind: HelmChartConfig
metadata:
  name: rke2-ingress-nginx
  namespace: kube-system
spec:
  valuesContent: |-
    controller:
      extraArgs:
        default-ssl-certificate: "kube-system/domain.net"

I selected redeploy via the rancher console on DaemonSet rke2-ingress-nginx-controller

I have an ingress defined and working but I keep getting insecure warning, certificate issued to 'Kubernetes Ingress Controller Fake Certificate'.

curl also reports the error: SSL certificate problem: unable to get local issuer certificate

score 0 · Answer 1 · answered Apr 13 '22 at 16:49

0

I believe the problem is you are using a '.' in the name of the secret. Try taking it out and updating the secret reference in the code block.

Source: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

answered Apr 13 '22 at 16:49

Nathan

835
3
11
20

rke2 ingress-nginx default ssl certificate

1 Answers1