Search code, repositories, users, issues, pull requests...

Note: This defaults to running KCert against Let's Encrypt's staging environment. After you've tested against staging, you can switch to production with:

For setting up SMTP email notifications and other parameters, please check the charts/kcert/values.yaml file and set the values under smtp accordingly. The SMTP password must be stored in a secret. If you stick with the defaults, you can simply create that secret with the following command:

KCert automatically looks for ingresses that reference a certicate. If that certificate doesn't exist, it will create it (and renew it). KCert only monitors ingresses with the kcert.dev/ingress: "managed" label. You can either create your own ingress manually, or use the kcert-ingress chart:

KCert can create TLS certificates based on definitions found in Kubernetes ConfigMap resources. This is useful if you need a certificate for a service that doesn't have an Ingress, or if you prefer to manage certificate definitions separately.

KCert discovers ConfigMaps that request TLS certificates based on a configurable label. The discovery is controlled by two environment variables:

Leave a Comment