Rancher TLS 证书颁发机构

Rancher TLS Certificate Authority

快速提问,在 Rancher 中是否可以使用 lets-encrypt 来签署 k8s TLS 证书(etcd、kub-api 等)。我有合规性要求使用有效的可信 CA 链签署我的 k8s 环境?

是的,它实际上是 recommended options 用于在 Rancher 服务器上终止 TLS 的证书来源之一:

Let’s Encrypt: The Let’s Encrypt option also uses cert-manager. However, in this case, cert-manager is combined with a special Issuer for Let’s Encrypt that performs all actions (including request and validation) necessary for getting a Let’s Encrypt issued cert.

在下面的链接中,您将找到一个演示如何:

This option uses cert-manager to automatically request and renew Let’s Encrypt certificates. This is a free service that provides you with a valid certificate as Let’s Encrypt is a trusted CA.

如果有帮助,请告诉我。