So, I have a Kubernetes cluster running on aws-eks, it's only a test cluster to learn and build a production cluster at the moment. I've already managed to make everything I need to work except for the SSL certificate! :(
I'm using cert-manager to add a SSL certificate on my domain "brunolira.dev", which I bought on google domains and used AWS' Route53 to redirect to my kubernetes load balancer but did not have any success yet.
By using the staging cert-manager (https://acme-staging-v02.api.letsencrypt.org/directory) i get the following certificate on firefox:
When I use the prod cert-manager url (https://acme-prod-v02.api.letsencrypt.org/directory) it changes to this:
I don't understand why is it saying "Kubernetes Ingress Controller Fake Certificate" nor why
the DNS changes to "ingress.local"
This is my ClusterIssuer:
apiVersion: cert-manager.io/v1alpha2
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
spec:
acme:
email: MYEMAIL(WHICH I DID NOT REGISTER ANYWHERE, IS THERE SUCH A THING?)
privateKeySecretRef:
name: cluster-issuer-account-key
server: https://acme-prod-v02.api.letsencrypt.org/directory
solvers:
- selector:
dnsZones:
- "brunolira.dev"
dns01:
route53:
region: us-east-2
hostedZoneID: HOSTEDZONE ID ON ROUTE 53
role: arn:aws:iam::IAMUSERID:role/dns-manager
This is my ingress:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: my-ingress
annotations:
kubernetes.io/ingress.class: "nginx"
cert-manager.io/cluster-issuer: "letsencrypt-prod"
spec:
tls:
- hosts:
- brunolira.dev
secretName: echo-tls
rules:
- host: brunolira.dev
http:
paths:
- path: /common
backend:
serviceName: common-service
servicePort: 80
- path: /offline
backend:
serviceName: offline-service
servicePort: 80
Any help, guidance, suggestion or tip on how could I solve this will be very much appreciated!
In case you want to take a look at the prod generated certificate you can access the page brunolira.dev and verify whatever you need! I can also provide any information about my configuration that would be useful on find a solution to to this problem!