· 6 years ago · Nov 10, 2019, 07:46 PM
1#Issue the following to generate your CloudFlare API Key Secret
2# bash# : API_KEY=$(read -sp 'Cloudflare GLOBAL API Key: ' pval && echo -n $pval | base64)
3
4kubectl apply -f - <<EOF
5apiVersion: v1
6kind: Secret
7metadata:
8 name: cloudflare-api-key
9 namespace: istio-system
10type: Opaque
11data:
12 api-key: $API_KEY
13
14---
15
16apiVersion: cert-manager.io/v1alpha2
17kind: ClusterIssuer
18metadata:
19 name: letsencrypt-staging
20 namespace: cert-manager
21spec:
22 acme:
23 email: $EMAIL_ADDRESS
24 server: https://acme-v02.api.letsencrypt.org/directory
25 privateKeySecretRef:
26 name: letsencrypt-staging
27 solvers:
28 - dns01:
29 cloudflare:
30 email: $EMAIL_ADDRESS
31 apiKeySecretRef:
32 key: api-key
33 name: cloudflare-api-key
34 selector: {}
35
36---
37
38apiVersion: cert-manager.io/v1alpha2
39kind: Certificate
40metadata:
41 name: test-ex-com
42 namespace: cert-manager
43spec:
44 secretName: test-ex-com
45 issuerRef:
46 name: letsencrypt-staging
47 kind: ClusterIssuer
48 commonName: $DOMAIN_NAME
49 dnsNames:
50 - $DOMAIN_NAME
51 acme:
52 config:
53 - dns01:
54 provider: cf-dns
55 domains:
56 - $DOMAIN_NAME
57EOF
58
59# kubectl describe certificate -n cert-manager test-ex-com