How to setup HTTPS for Kubernetes using NGINX Ingress and with Cert-Manager on DigitalOcean

Step by step guide to configure TLS certificate issuer using Let’s Encrypt on a kubernetes cluster. As an example I use DigitalOcean’s managed kubernetes cluster. In this post you can find instructions on how to configure NGINX ingress controller.

I originally published at https://kenanbek.github.io on July 27, 2020.

Step 1: Create a namespace

kubectl create namespace cert-manager

Step 2: Install cert-manager

kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v0.12.0/cert-manager.yaml

Step 3: Create a certificate issuer

apiVersion: cert-manager.io/v1alpha2
kind: ClusterIssuer
metadata:
  name: letsencrypt-prod
  namespace: cert-manager
spec:
  acme:
    # The ACME server URL
    server: https://acme-v02.api.letsencrypt.org/directory
    # Email address used for ACME registration
    email: mrkenanbek@gmail.com
    # Name of a secret used to store the ACME account private key
    privateKeySecretRef:
      name: letsencrypt-prod
    # Enable the HTTP-01 challenge provider
    solvers:
    - http01:
        ingress:
          class: nginx