K
Q

Automatic generation and renewal of Let's Encrypt certificates on Google HTTPS Load Balancer

6/4/2018

I am using Google Kubernetes Engine and have the Google HTTPS Load Balancer as my ingress.

Right now the load balancer uses Let's Encrypt certificates. However, is there a simple way to ensure that the certificates are automatically renewed prior to their 90 day expiry?

-- Dan
google-kubernetes-engine
kubernetes
lets-encrypt

Similar Questions

Kubernetes - How does API Server / etcd know the status of each Pod?
Binding Watson Services to a Kube Cluster in IBM Cloud
Deployment with replicaset & node shutdown
Setting up realms in Keycloak during kubernetes helm install
How to access minikube (installed on a remote VM) from my local machine?

2 Answers

4/11/2019

You can now use "Google-managed SSL certificates" which is currently in beta: https://cloud.google.com/load-balancing/docs/ssl-certificates#managed-certs

-- Matthew P
Source: StackOverflow
6/5/2018

You have not specified how you configured Let's Encrypt for your load balancer. Right now Google does not offer this for you, so I assume you mean you set the Let's Encrypt certificate yourself. In this case, Google can't renew your certificate.

Until there's an official support you can install a third-party add-on like cert-manager to automate certificate configuration and renewal. There's a GKE tutorial for doing this at https://github.com/ahmetb/gke-letsencrypt.

-- AhmetB - Google
Source: StackOverflow