I have migrated a django web application to kubernetes. For this application, I am running a service which can be accessed from a domain name. Following are the yaml files for my Service, Ingress and Certificate:-
Service:-
kind: Service
apiVersion: v1
metadata:
name: app-service
namespace: my-namespace
labels:
app: my-app
spec:
type: ClusterIP
selector:
app: my-app
ports:
- protocol: TCP
port: 8000
targetPort: 8000Ingress:-
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: app-ingress
namespace: my-namespace
annotations:
kubernetes.io/ingress.class: nginx
certmanager.k8s.io/acme-challenge-type: http01
certmanager.k8s.io/cluster-issuer: letsencrypt-prod
kubernetes.io/ingress.allow-http: "true"
nginx.ingress.kubernetes.io/ssl-redirect: "false"
spec:
rules:
- host: abc
http:
paths:
- path: /
backend:
serviceName: app-service
servicePort: 8000
tls:
- secretName: sname
hosts:
- abcCertificate:-
apiVersion: certmanager.k8s.io/v1alpha1
kind: Certificate
metadata:
name: sname
namespace: my-namespace
spec:
secretName: sname
issuerRef:
name: letsencrypt-prod
kind: ClusterIssuer
dnsNames:
- abc
acme:
config:
- dns01:
provider: route53
domains:
- abcNote: abc is my company url.
When I try to open my django web app in the url I get the error as:
NET::ERR_CERT_AUTHORITY_INVALID Subject: Kubernetes Ingress Controller Fake Certificate
I have referred to Kubernetes Ingress SSL certificate post but it did not help. I would like to know if there is anything I am missing or anything which I have configured wrong.
When I try to run the command kubectl get ing -n my-namespace; I don't see any address in the ingress.
Many Thanks!
Let's Encrypt, as every other CA, is not meant to obtain and won't deliver certificates for non public domains. abc is not public domain.