38 lines
873 B
YAML
38 lines
873 B
YAML
apiVersion: cert-manager.io/v1
|
|
kind: ClusterIssuer
|
|
metadata:
|
|
name: le-issuer
|
|
spec:
|
|
acme:
|
|
# The ACME server URL
|
|
server: https://acme-v02.api.letsencrypt.org/directory
|
|
# Email address used for ACME registration
|
|
email: acme@gmem.ca
|
|
# Name of a secret used to store the ACME account private key
|
|
privateKeySecretRef:
|
|
name: letsencrypt-pro
|
|
# Enable the HTTP-01 challenge provider
|
|
solvers:
|
|
- selector:
|
|
dnsZones:
|
|
- "gmem.ca"
|
|
dns01:
|
|
cloudflare:
|
|
apiTokenSecretRef:
|
|
name: cloudflare-cert-api
|
|
key: api-token
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: Certificate
|
|
metadata:
|
|
name: gmem-ca-wildcard
|
|
namespace: cert-manager
|
|
spec:
|
|
secretName: gmem-ca-wildcard
|
|
issuerRef:
|
|
kind: ClusterIssuer
|
|
name: le-issuer
|
|
commonName: "*.gmem.ca"
|
|
dnsNames:
|
|
- "*.gmem.ca"
|