Self signed cert for Ingress Nginx

working

2020-06-02

Generate self signed TLS certificate for Ingress for use with Artifactory docker registry.

openssl req -newkey rsa:4096 -nodes -sha256 -keyout domain.key -x509 -days 365 -out domain.crt
kubectl create secret tls art-tls --cert=domain.crt  --key=domain.key
 # and customize ingress
ingress:
  tls:
    - secretName: art-tls
      hosts: ["artifactory.sudlice.org"]
  annotations:
    kubernetes.io/ingress.class: "nginx"

Add certificate to local trust:

 #RHEL
sudo cp domain.crt /etc/pki/ca-trust/source/anchors/
 #DEBIAN
sudo cp domain.crt /usr/local/share/ca-certificates/
sudo update-ca-certificates
 #insecure registry just for information, will not use
 #will not work for bootstrap
cat /etc/docker/daemon.json
	{
	  "insecure-registries" : ["artifactory.apps.poshi4.sudlice.org"]
		}
sudo systemctl restart docker.service

 # test
docker login -u user -p "qxYhJg2s41rJFAuHJNi2" artifactory.apps.poshi4.sudlice.org

SNIPPETS