devspace icon indicating copy to clipboard operation
devspace copied to clipboard
verified publisher icon devspace-sh

TLS without cert-manager in Component Chart

Open johnnypea opened this issue 3 years ago • 3 comments

I don't have cert-manager installed as I handle certificates in Caddy container. Can I use tls option without actually generating certificate? I need this to open port 443. Thank you.

ingress:
  tls: true
  rules:
  - host: my-static-host.test

Without tls

❯ kubectl get ingress
NAME   CLASS   HOSTS                 ADDRESS     PORTS   AGE
app    nginx   my-static-host.test   localhost   80      14m

With tls

❯ kubectl get ingress
NAME   CLASS   HOSTS                 ADDRESS     PORTS     AGE
app    nginx   my-static-host.test   localhost   80, 443   19m

johnnypea avatar Feb 16 '22 08:02 johnnypea

@johnnypea I'm not entirely sure if I understand this correctly, but ingresses only open up on port 443 when you specify a TLS section. We currently also don't require cert-manager, you can just use a custom tls secret via:

ingress:
  tls: my-tls-secret

FabianKramm avatar Feb 16 '22 12:02 FabianKramm

Using tls: true requires that your Kubernetes cluster has cert-manager installed.

https://devspace.sh/component-chart/docs/guides/ssl-certificates

johnnypea avatar Feb 16 '22 16:02 johnnypea

@johnnypea Only if you set it to true but if you provide the value of a secret like @FabianKramm suggested with tls: my-tls-secret, you won't need cert-manager. We should clarify that more though in the docs.

LukasGentele avatar Feb 16 '22 17:02 LukasGentele