I want to create a certificate for a Kubernetes application using a DNS challenge, i.e. blabla.westeurope.cloudapp.azure.com. According to the link below, I have to create my own custom DNS zone within Azure and use it for this:
https://cert-manager.io/docs/configuration/acme/dns01/azuredns/

    kind: Issuer
    metadata:
      name: example-issuer
    spec:
      acme:
        ...
        solvers:
        - dns01:
            azuredns:
              clientID: AZURE_CERT_MANAGER_SP_APP_ID
              clientSecretSecretRef:
                # The following is the secret we created in Kubernetes. Issuer will use this to present challenge to Azure DNS.
                name: azuredns-config
                key: client-secret
              subscriptionID: AZURE_SUBSCRIPTION_ID
              tenantID: AZURE_TENANT_ID
              resourceGroupName: AZURE_DNS_ZONE_RESOURCE_GROUP
              hostedZoneName: AZURE_DNS_ZONE
              # Azure Cloud Environment, default to AzurePublicCloud
              environment: AzurePublicCloud

Can anyone assist me here: how can I use the Azure-provided DNS for issuing a certificate?
If you've configured everything according to the article, the next step would be to create a certificate:

    apiVersion: certmanager.k8s.io/v1alpha1
    kind: Certificate
    metadata:
      name: domain.AZURE_DNS_ZONE
    spec:
      acme:
        config:
        - domains:
          - "domain.AZURE_DNS_ZONE"
          dns01:
            provider: azure
      commonName: "domain.AZURE_DNS_ZONE"
      dnsNames:
      - "domain.AZURE_DNS_ZONE"
      issuerRef:
        kind: Issuer
        name: example-issuer
      secretName: secretname

Also, you can't issue a certificate for westeurope.cloudapp.azure.com using a DNS challenge, so you can only issue a certificate for your AZURE_DNS_ZONE.
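
Why the cloudapp.azure.com name cannot be solved while names under your own zone can, as an added example that is not part of the original answer or of cert-manager's code: DNS-01 (RFC 8555, section 8.4) requires a TXT record at `_acme-challenge.<name>`, so the name must sit inside a zone the solver is allowed to write to. The function names are hypothetical, `example.com` is a constructed stand-in for AZURE_DNS_ZONE, and the block goes slightly beyond the answer by also deriving the TXT record content.

```python
import base64
import hashlib


def challenge_fqdn(dns_name: str) -> str:
    """DNS-01 validation name for a certificate dnsName (RFC 8555, section 8.4)."""
    name = dns_name.lower().rstrip(".")
    if name.startswith("*."):
        name = name[2:]  # a wildcard is validated at its base domain
    return "_acme-challenge." + name


def txt_value(key_authorization: str) -> str:
    """TXT record content: base64url(SHA-256(key authorization)), unpadded."""
    digest = hashlib.sha256(key_authorization.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def record_set_in_zone(dns_name: str, hosted_zone: str) -> str:
    """Relative TXT record-set name inside hosted_zone, or ValueError if the
    challenge name lies outside the zone and the solver cannot write it."""
    fqdn = challenge_fqdn(dns_name)
    zone = hosted_zone.lower().rstrip(".")
    suffix = "." + zone
    if not fqdn.endswith(suffix):
        raise ValueError(f"{fqdn} is not inside zone {zone}")
    return fqdn[: -len(suffix)]


def plan(dns_names, hosted_zone):
    """Map each dnsName to its record set, or to None when it cannot be solved."""
    result = {}
    for n in dns_names:
        try:
            result[n] = record_set_in_zone(n, hosted_zone)
        except ValueError:
            result[n] = None
    return result


if __name__ == "__main__":
    # Constructed sample values; example.com stands in for AZURE_DNS_ZONE.
    names = ["app.example.com", "*.example.com", "blabla.westeurope.cloudapp.azure.com"]
    for name, record in plan(names, "example.com").items():
        print(name, "->", record or "not solvable: name is outside the hosted zone")
    print(txt_value("constructed-token.constructed-thumbprint"))
```

Running `plan` over a Certificate's `dnsNames` before applying it shows which names the Azure DNS solver can never validate, because their challenge record belongs to a zone you do not control.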