You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Also, there is a BUG in IoT
The MAS Monitor will give you an error something like this: Login error, please contact your administrator! Error message
The inst1-public-tls is not updated by itself.
Check the Owner of the secret!
Change the inst1 YAML in spec manualCertMgmt: false
zoltanpesko
changed the title
Let's encrypt without DNS setup add to the Documentation
Let's Encrypt without DNS setup - add to the Documentation - works on-prem no need for custom dns
Aug 16, 2024
The use of the HTTP solver will allow use of LE for cert signing in the widest possible supported configurations without any requirement to set up anything in any DNS.
For a non-airgap install, this should become the default when you install MAS using ansible/cli - rather than self-signed as it is today.
Feature and motivation
There is a way to use Let's Encrypt without a CIS or Cloudflare, and you used the "one-click" method for installation.
The steps are quite easy.
Let’s Encrypt setup:
If you don’t want a custom DNS, just a Let’s Encrypt certificate.
Check you clusterIssuer
**Installed Operators » cert-manager-operator » Cluster issuer.**
The letsencrypt-prod this one is without custom DNS.
Maybe yours is different!
(if you already had Cloudflare for example)
Like this: {{ mas_instance_id }}-cloudflare-le-prod
Certificate setup:
CustomResourceDefinition search for Suite go to the instances (inst1).
Edit the YAML:
Delete the finalizer to force reconciliation! (Row 173-174, save.)
Wait for a couple of minutes for the reconciliation.
If it is not updating, double-check your certificate issuer name!
Usage example
Many customers want to enable Let's Encrypt after the installation.
This documentation could help
The text was updated successfully, but these errors were encountered: