kyma icon indicating copy to clipboard operation
kyma copied to clipboard

Published 20 hours ago verified publisher icon kyma-project

Generate and maintain certificates for the eventing webhook server

Open raypinto opened this issue 2 years ago • 1 comments

Description

With this PoC completed, we use cert-manager to create and maintain certificates, that would be used by the webhook server to authenticate against the webhook service. This is a lot of resources being created as part of the eventing component and hence would propose to generate self signed certs manually using go code and rotating them using a cronjob.

Note: Let's first discuss the outcome of this https://github.com/kyma-project/kyma/issues/15195.

raypinto avatar Sep 02 '22 07:09 raypinto

Current status: We are going to use helm chart to create the certificate, which will have a long validity period! @muralov please update the ticket if there is more to add!

Note: Make sure that the chart does not rotate/generate certificates everytime the reconciler reconciles the cluster.

raypinto avatar Oct 14 '22 10:10 raypinto