Renewing Nginx SSL Certificate on Virtual Machine & Kubernetes Cluster
May 6, 2023
Virtual Machine
Steps
- Download the
_.domain.zip
file. And extract it. - sudo cat
673492a50041aa56.crt
gd_bundle-g2-g1.crt
>domain.com.chained.crt
- Location
/etc/nginx/ssl/
update thedomain.com.chained.crt
- Restart the nginx
sudo systemctl restart nginx.service
- Check the certificate date on the browser.
Kubernetes Cluster
- Download the
_.domain.zip
file. And extract it. - sudo
cat
673492a50041aa56.crt
gd_bundle-g2-g1.crt
>domain.com.chained.crt
- Convert the output into
base64
. - Create
domainsslsecret.yaml
filekubectl get secret domain-tls -n default -oyaml > domainsslsecret.yaml
- Change
tls.crt
variable via newbase64
value. - Apply the
domainsslsecret.yaml
file in all namespacekubectl apply -f domainsslsecret.yaml -n default
Secret file- domainsslsecret.yaml
apiVersion: v1
data:
tls.crt: dfhkjdhfkjadshfdjjfdkjfdskjfbdsjkfsdakhfdksjhfkjdfasdjkhckhccksdhkhkfhsdakjhfdshj
tls.key: fdfakjhfjadkfhasdkjfhdsakjfhsdakjhfasdkjfhdskjfhdaskjbfdckjhaskdcasdkhccdschdsfdfs
kind: Secret
metadata:
name: domain-tls
namespace: default
type: kubernetes.io/tls