Configure multiple certificates for the same domain name #5963
alexandersm
started this conversation in
Ideas
Replies: 2 comments
-
|
Hi @alexandersm thanks for reporting! Be sure to check out the docs while you wait for a human to take a look at this 🙂 Cheers! |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Hi @alexandersm The Ingress Controller doesn't support multiple TLS secrets. However, could you possible try the following workaround? apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: cafe-ingress
annotations:
nginx.org/server-snippets: |
ssl_certificate /etc/nginx/secrets/default-second-cafe-secret; # namespace-name
ssl_certificate_key /etc/nginx/secrets/default-second-cafe-secret; # namespace-name
spec:
ingressClassName: nginx
tls:
- hosts:
- cafe.example.com
secretName: cafe-secret
- hosts: # this part is needed so that the IC gets the second-cafe-secret from k8s API and store it on the file system at /etc/nginx/secrets/namespace-name
- random-workaround-host
secretName: second-cafe-secret
rules:
- host: cafe.example.com |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello,
In the Nginx documentation at http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_certificate there is a possibility to specify ssl_certificate / ssl_certificate_key directives multiple times for the same domain name.
Is it possible to configure Nginx Ingress to use more than one TLS secret for the same domain name ?
I've tried the following configuration :
but then I checked resulting Nginx configuration inside the ingress pod and found out that only certificate and key from the second secret is used.
Thanks in advance for the help
Aha! Link: https://nginx.aha.io/features/IC-304
Beta Was this translation helpful? Give feedback.
All reactions