Certificates

To enable HTTPS on the Renku website you need valid certificates for the ingress.

This can be achieved by either deploying a certificate issuer like LetsEncrypt or creating certificates manually and inserting them as Kubernetes secrets.

LetsEncrypt

If you have installed Helm you can deploy LetsEncrypt.

The following are steps to install LetsEncrypt using Helm. To run the following commands you can use the cert-manager-values.yaml and cert-manager-issuer.yaml files. Make sure to edit the cert-manager-issuer.yaml file and fill in the correct email field.

$ helm install cert-manager jetstack/cert-manager -f helm-installs/cert-manager-values.yaml --namespace kube-system
$ kubectl apply -f manifests/cert-manager-issuer.yaml

Now you can check that certificates can be issued automatically using a test deployment. For more information, please check LetsEncrypt cert-manager Helm documentation

Generate manually

You can also use a self-signed certificate created manually. Add the previously created certificate as a secret to the renku namespace.

$ kubectl -n renku create secret tls renku-tls --cert=certificate.crt --key=certificate.key