39 lines
1.2 KiB
YAML
39 lines
1.2 KiB
YAML
---
|
|
# Wildcard Certificate for *.forteapps.net
|
|
# This creates a certificate that covers ALL subdomains of forteapps.net
|
|
# Once created, you can use it for any app like:
|
|
# - myapp.forteapps.net
|
|
# - api.forteapps.net
|
|
# - git.forteapps.net
|
|
# - vaultwarden.forteapps.net
|
|
# - etc.
|
|
apiVersion: cert-manager.io/v1
|
|
kind: Certificate
|
|
metadata:
|
|
name: wildcard-forteapps-net
|
|
namespace: cert-manager # Can be in any namespace, cert-manager namespace is common
|
|
spec:
|
|
# The secret where the TLS certificate will be stored
|
|
# This secret can be referenced by IngressRoutes in any namespace
|
|
secretName: wildcard-forteapps-net-tls
|
|
|
|
# Use the production issuer (use letsencrypt-staging for testing)
|
|
issuerRef:
|
|
name: letsencrypt-prod
|
|
kind: ClusterIssuer
|
|
|
|
# DNS names this certificate will cover
|
|
# Both wildcard AND apex domain are recommended
|
|
dnsNames:
|
|
- '*.forteapps.net' # Covers: myapp.forteapps.net, api.forteapps.net, etc.
|
|
- 'forteapps.net' # Also include apex domain explicitly
|
|
# Optional: Configure certificate duration and renewal
|
|
duration: 2160h0m0s # 90 days (Let's Encrypt default)
|
|
renewBefore: 720h0m0s # Renew 30 days before expiry
|
|
|
|
# Optional: Private key settings
|
|
privateKey:
|
|
algorithm: RSA
|
|
encoding: PKCS1
|
|
size: 4096
|