somaz94/certmanager-letsencrypt

certmanager-letsencrypt Guide

This guide provides steps for installing cert-manager and setting up various DNS providers with Let's Encrypt using the DNS-01 challenge.


Features

  • DNS-01 challenge support for wildcard certificates
  • Support for multiple DNS providers: AWS Route53, Google Cloud DNS, Cloudflare
  • Plain YAML manifests and Helm chart deployment options
  • 90-day certificate lifecycle with automatic 30-day renewal
  • ClusterIssuer with ACME Let's Encrypt production endpoint

Supported DNS Providers

Provider            Directory      Documentation
AWS Route53         aws/           Route53 DNS01
Google Cloud DNS    gcp/           Google CloudDNS
Cloudflare          cloudflare/    Cloudflare DNS01

Repository Structure

certmanager-letsencrypt/
├── aws/                    # AWS Route53 manifests
│   ├── route53-credentials-secret.yaml
│   ├── clusterissuer.yaml
│   ├── certificate.yaml
│   └── ingress.yaml
├── gcp/                    # Google Cloud DNS manifests
│   ├── clouddns-credentials-secret.yaml
│   ├── clusterissuer.yaml
│   ├── certificate.yaml
│   └── ingress.yaml
├── cloudflare/             # Cloudflare manifests
│   ├── cloudflare-api-token-secret.yaml
│   ├── clusterissuer.yaml
│   ├── certificate.yaml
│   └── ingress.yaml
└── helm/                   # Helm chart with provider-specific values
    ├── values-aws.yaml
    ├── values-gcp.yaml
    └── values-cloudflare.yaml

Installing cert-manager

To fetch the latest version, consult the official cert-manager releases.

# Using latest version
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/latest/download/cert-manager.yaml

# Or pin to a specific version (recommended for production)
# kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.17.2/cert-manager.yaml

Verify installation:

kubectl get po -n cert-manager

Usage


Plain YAML

Each provider directory contains the following template files:

File                  Description
*-secret.yaml         Credentials secret for DNS provider
clusterissuer.yaml    ClusterIssuer with ACME DNS-01 solver
certificate.yaml      Certificate resource (90d duration, 30d renewal)
ingress.yaml          Ingress with TLS configuration

Refer to each provider's README for detailed setup instructions.
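
For orientation, a ClusterIssuer and Certificate pair of the kind the table describes, using the Cloudflare DNS-01 solver. This is an added example, not the repository's own manifests; the resource names, Secret name and key, domain and e-mail are placeholders, and reading "30d renewal" as `renewBefore: 720h` is an assumption.

```yaml
# Added example; names, domain and e-mail are placeholders, not the repository's values.
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-prod                  # assumed name
spec:
  acme:
    # Let's Encrypt production endpoint, as listed under Features.
    server: https://acme-v02.api.letsencrypt.org/directory
    email: admin@example.com
    privateKeySecretRef:
      name: letsencrypt-prod-account-key  # ACME account key, created by cert-manager
    solvers:
      - dns01:
          cloudflare:
            apiTokenSecretRef:
              # For a ClusterIssuer this Secret is read from cert-manager's
              # cluster resource namespace ("cert-manager" by default).
              name: cloudflare-api-token-secret   # assumed Secret name
              key: api-token                      # assumed key
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: example-com-wildcard
  namespace: default
spec:
  secretName: example-com-tls     # TLS Secret the Ingress refers to
  duration: 2160h                 # 90d
  renewBefore: 720h               # assumption: "30d renewal" = renew 30d before expiry
  commonName: example.com
  dnsNames:
    - example.com
    - "*.example.com"             # Let's Encrypt issues wildcards only via DNS-01
  issuerRef:
    name: letsencrypt-prod
    kind: ClusterIssuer
```

Scope the DNS provider credential to the single zone being validated, since anyone holding it can answer DNS-01 challenges for that zone.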


Helm Chart

The helm/ directory provides a reusable Helm chart with provider-specific values files.

# AWS Route53
helm install cert-manager-cert ./helm -f ./helm/values-aws.yaml

# Google Cloud DNS
helm install cert-manager-cert ./helm -f ./helm/values-gcp.yaml

# Cloudflare
helm install cert-manager-cert ./helm -f ./helm/values-cloudflare.yaml

You can also override values inline:

helm install cert-manager-cert ./helm -f ./helm/values-aws.yaml \
  --set certificate.commonName=example.com \
  --set clusterIssuer.email=admin@example.com

Reference


License

This project is licensed under the MIT License - see the LICENSE file for details.
