Page Comparison

...

Exec into running nginx pod and execute,
- acme-client -a https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf -Nnmv $DOMAIN && renew=1
Once command is successful, check for new certs,
- ls -lrt /etc/ssl/acme/$DOMAIN
Reload nginx to pick up new certs and verify if domain reflects right certificates,
- nginx -s reload
Copy certs from pod
1. kubectl cp nginx-2087212062-c67lk:/etc/ssl/acme/egov-micro-qa.egovernments.org/ ./certs-egov-micro-qa
ssh to bastion node using the key file and ssh to minion nodes with admin user one-by-one
1. ssh -i <KEY>.pem admin@<BASTION-IP> this is not accessible outside the egovernment network. Or need to whitelist the ip.
Upload the copied certs to all minion nodes at
1. scp to writable directory on the minion
2. ssh to minion and sudo cp to /srv/acme/egov-micro-qa.egovernments.org directory
Restart nginx pod to test to make sure everything is running ok

Info
The entire process has been automated on the playground, use only for legacy deployments.

...

Versions Compared