Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

A basic .NET Core website boilerplate using PostgreSQL for storage, Adminer for db management, Let's Encrypt for SSL certificates and NGINX for routing.

Stars: ✭ 57 (-40.62%)

Mutual labels: letsencrypt

Certificaat

General-purpose ACME client

Stars: ✭ 88 (-8.33%)

Mutual labels: letsencrypt

Certify

SSL Certificate Manager UI for Windows, powered by Let's Encrypt. Download from certifytheweb.com

Stars: ✭ 1,075 (+1019.79%)

Mutual labels: letsencrypt

Intercert

Use Let's Encrypt on private (LAN) servers using DNS validation

Stars: ✭ 68 (-29.17%)

Mutual labels: letsencrypt

Certbot

Dockerized HTTPS with Let's Encrypt

Stars: ✭ 91 (-5.21%)

Mutual labels: letsencrypt

Rancher Lets Encrypt

Automatically create and manage certificates in Rancher using Let's Encrypt webroot verification via a minimal service

Stars: ✭ 88 (-8.33%)

Mutual labels: letsencrypt

Acme client

Java ACME Client application

Stars: ✭ 77 (-19.79%)

Mutual labels: letsencrypt

View All Similar Projects ➔

A Let's Encrypt certificates manager for Kubernetes

This chart use the acme.sh script to generate Let's Encrypt certifcates with DNS validation only; it uses Kubernetes Job to get and renew certificates.

Ingress annotations

Name	Example	Description
acme.kubernetes.io/enable	`"true"`	Enable `Certs` on this ingress when value is set to `"true"`. Default value is empty.
acme.kubernetes.io/dns	`"dns_gd"`	Set the `acme.sh` `--dns` parameter: (see [https://github.com/Neilpang/acme.sh/wiki/dnsapi] for all `--dns` supported values). Default value is empty.
acme.kubernetes.io/staging	`"true"`	Enable acme staging certificate validation when value is set to `"true"`. Default value is empty.
acme.kubernetes.io/add-args	`"--keylength ec-256"`	Add more arguments to `acme.sh` command used to generate certificates. Default value is empty.
acme.kubernetes.io/cmd-to-use	`"acme.sh -h"`	Replace the `acme.sh` command to use for generating certificates. Default value is empty.

Chart configuration

Parameter	Default	Description
image.registry	`mathnao`	Set the docker image registry to use.
image.repository	`certs`	Set the docker image repository to use.
image.tag	`tag`	Set the docker image tag to use.
schedule	`0 0,12 * * *`	Set the job schedule to run dns validation for certificate renew.
backoffLimit	`1`	Specify the number of retries before considering a job as failed.
activeDeadlineSeconds	`600`	Set an active deadline for terminatting a job.
ttlSecondsAfterFinished	`120`	Set a TTL for cleaning a job.
successfulJobsHistoryLimit	`3`	Specify how many completed jobs should be kept.
manageAllNamespaces	`false`	Whether or not `certs` should manage all namespaces for generating certificates.
debug	`false`	Display more logs when value is set to `"true"`.
failedJobsHistoryLimit	`1`	Specify how many failed jobs should be kept.
env	`[]`	List all environment variables needed to run a `acme.sh` dns validation for certificate renew.
demo.enabled	`false`	Enable a demo backend for test purpose.
demo.image	`mathnao/light-test-server`	Set the docker image to use for the demo backend
demo.service.type	`ClusterIP`	Set the service type for the demo backend
demo.service.port	`8080`	Set the service port for the demo backend
demo.secretName	`demo-ingress-cert`	Set the secret name for storing generated certificates
demo.hosts	`- "example.com"`	Set the list of your hosts to generate Let's Encrypt certificate

Deployment example

1/ Have your Ingress Controller deployed and ready

2/ Register your ingress, for example:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: test-ingress
  annotations:
    acme.kubernetes.io/enable: "true"
    acme.kubernetes.io/dns: "dns_gd"
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  tls:
  - hosts:
    - sslexample.foo.com
    secretName: testsecret-tls
  rules:
  - host: sslexample.foo.com
    http:
      paths:
      - path: /
        backend:
          serviceName: service1
          servicePort: 80

3/ Install Certs chart:

# Add the `Certs` Helm repository
helm repo add certs https://math-nao.github.io/certs/charts

# Update your local Helm chart repository cache
helm repo update

# Install the `Certs` Helm chart in the same namespace than your ingresses
helm install \
  --name certs \
  --namespace app \
  --values values.yaml \
  certs/certs

values.yaml file may content for example:

# schedule a Kubernetes Job twice a day, certificate is renewed only if it is going to expire soon
schedule: "0 2,14 * * *"

# add all necessary environment variables for acme.sh dns validation
# see https://github.com/Neilpang/acme.sh/wiki/dnsapi
env:
- name: GD_Key
  value: XXXX
- name: GD_Secret
  value: XXXX

4/ Visit https://sslexample.foo.com webpage, you should have a valid Let's Encrypt certificate

Acknowledgments

acme.sh: https://github.com/Neilpang/acme.sh

License

This code is distributed under the Apache License, Version 2.0, see LICENSE for more information.

Donates

Your donation helps to maintain Certs:

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 96

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (4) 🔗