K8S with Traefik Go Daddy wildcard ssl certificate
1 min readMay 25, 2023
Short note on apply Go Daddy wildcard ssl on K8S. I use traefik on GCP K8S.
After I got Cert file, intermediate (something like gd_bundle-g2-g1.crt) and private key.
First you must concat your cert and intermediate cert in this order.
Your cert (your_domain.crt) > intermediate(gd_bundle-g2-g1.crt).
Apply secret that have tls.crt as your concat cert and tls.key as your private key.
Example secret will be apply like this.
kubectl --namespace=whoami create secret tls whoami-tls-secret \
--cert=path/to/concat-cert/file \
--key=path/to/key/file
Your secret must be in the same name space as your deployment, service and IngressRoute.
Example of your IngressRoute YML.
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: whoami-websecure
namespace: whoami
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`testcert.yourdomain.com`)
middlewares:
- name: whoami-redirect-scheme
services:
- name: whoami-service
port: 80
tls:
secretName: whoami-tls-secret
Wait a few minutes until your ssl is ready.