• dudeami0
    link
    fedilink
    English
    101 year ago

    Hard to believe you used to have to pay for a TLS certificate. I use Let’s Encrypt with cert-manager on my kubernetes cluster and it still amazes me how SSL just happens. Even just using certbot makes the job extremely simple.

    • ActuallyRuben
      link
      fedilink
      English
      31 year ago

      There even are still some (shitty) webhosts that require payment for a TLS certificate, because they refuse to support letsencrypt.

    • @sudneo
      link
      English
      21 year ago

      For cert-manager to work you need to have the ingress controller port (or I guess another port) exposed publicly? Or it supports DNS verification? I thought about doing this, but I am essentially having my cluster fully in a private network which I connect with wireguard from outside, but maybe I should reconsider?

      I am keen to know a little bit more about your setup

      • dudeami0
        link
        fedilink
        English
        11 year ago

        I am using cloudflare DNS, which cert-manager requires an API key to edit the DNS entries. Documentation on this can be found here. It seems to support a number of DNS APIs, you can view those here.

        • @sudneo
          link
          English
          11 year ago

          Aha, yes that makes perfect sense. I remembered now that I checked some time ago and my DNS is not supported. But maybe I will move to acme-dns, it seems very hacky, I love it!

    • HTTP_404_NotFound
      link
      fedilink
      English
      21 year ago

      And what is worse-

      It wasn’t cheap either! Some of the SSL cert providers were charging hundreds/thousands for a certificate!

      The less evil ones, were still charging 30$ or so.