GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → tnozicka → Openshift Acme

tnozicka / Openshift Acme

Licence: apache-2.0
ACME Controller for OpenShift and Kubernetes Cluster. (Supports e.g. Let's Encrypt)

Programming Languages

go
31211 projects - #10 most used programming language

Labels

kubernetesk8sletsencryptopenshiftacmecertificates

Projects that are alternatives of or similar to Openshift Acme

Certify
SSL Certificate Manager UI for Windows, powered by Let's Encrypt. Download from certifytheweb.com
Stars: ✭ 1,075 (+274.56%)
Mutual labels:  letsencrypt, acme, certificates
Acme Client
Let's Encrypt / ACME client written in PHP for the CLI.
Stars: ✭ 337 (+17.42%)
Mutual labels:  letsencrypt, acme, certificates
Certificaat
General-purpose ACME client
Stars: ✭ 88 (-69.34%)
Mutual labels:  letsencrypt, acme, certificates
Win Acme
A simple ACME client for Windows (for use with Let's Encrypt et al.)
Stars: ✭ 4,305 (+1400%)
Mutual labels:  letsencrypt, acme, certificates
Openshift Letsencrypt
Stars: ✭ 66 (-77%)
Mutual labels:  letsencrypt, acme, openshift
Letscertbot
Let's Certbot is a tool builds automated scripts base on Certbot for obtaining, renewing, deploying SSL certificates.
Stars: ✭ 84 (-70.73%)
Mutual labels:  letsencrypt, acme, certificates
AzureWebAppSSLManager
Acquires and manages free SSL certificates for Azure Web App and Azure Functions applications.
Stars: ✭ 70 (-75.61%)
Mutual labels:  letsencrypt, certificates, acme
K8s Tew
Kubernetes - The Easier Way
Stars: ✭ 269 (-6.27%)
Mutual labels:  letsencrypt, k8s
docker-nginx-certbot
Automatically create and renew website certificates for free using the Let's Encrypt certificate authority.
Stars: ✭ 367 (+27.87%)
Mutual labels:  letsencrypt, acme
letsencrypt-inwx
A small cli utility for automating the letsencrypt dns-01 challenge for domains hosted by inwx.
Stars: ✭ 43 (-85.02%)
Mutual labels:  letsencrypt, acme
lua-resty-acme
Automatic Let's Encrypt certificate serving and Lua implementation of ACMEv2 procotol
Stars: ✭ 95 (-66.9%)
Mutual labels:  letsencrypt, acme
acme
Go client library implementation for ACME v2 (RFC8555)
Stars: ✭ 77 (-73.17%)
Mutual labels:  letsencrypt, acme
grafana-operator
An operator for Grafana that installs and manages Grafana instances, Dashboards and Datasources through Kubernetes/OpenShift CRs
Stars: ✭ 449 (+56.45%)
Mutual labels:  openshift, k8s
ght-acme.sh
Shell script to sign certificate by the letsencrypt CA
Stars: ✭ 31 (-89.2%)
Mutual labels:  letsencrypt, acme
acmed
ACME (RFC 8555) client daemon
Stars: ✭ 121 (-57.84%)
Mutual labels:  certificates, acme
gollum-galore
🍬 Gollum wiki with lots of sugar 🍬
Stars: ✭ 14 (-95.12%)
Mutual labels:  letsencrypt, openshift
wat
WAT - Windows ACME Tool
Stars: ✭ 28 (-90.24%)
Mutual labels:  letsencrypt, acme
kong-plugin-acme
Let's Encrypt and ACMEv2 integration with Kong - this plugin has been moved into https://github.com/Kong/kong, please open issues and PRs in that repo
Stars: ✭ 36 (-87.46%)
Mutual labels:  letsencrypt, acme
ProxyInjector
A Kubernetes controller to inject an authentication proxy container to relevant pods - [✩Star] if you're using it!
Stars: ✭ 77 (-73.17%)
Mutual labels:  openshift, k8s
Certificates
🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
Stars: ✭ 3,693 (+1186.76%)
Mutual labels:  acme, certificates
View All Similar Projects ➔

Donate

openshift-acme

openshift-acme is ACME Controller for OpenShift and Kubernetes clusters. It will automatically provision certificates using ACME v2 protocol and manage their lifecycle including automatic renewals.

The controller is provider independent but to start with we would recommend you to use Let's Encrypt (https://letsencrypt.org). For more information checkout section Deploy.)

Enabling ACME certificates for your object

Once openshift-acme controller is running on your cluster all you have to do is annotate your Route or other supported object like this:

metadata:
  annotations:
    kubernetes.io/tls-acme: "true"

Deploy

openshift-acme provides multiple options to deploy the controller so you can deploy it even as a regular user in a shared cluster only for specific namespaces you have access to. We intentionally avoid using CRDs which require system:admin privileges.

We have created deployments to get you started in just a few seconds. (But feel free to create one that suits your needs.)

Let's encrypt provides two environments: live and staging. The environment is chosen based on the issuer ConfigMap that is created.

Staging

staging is meant for testing the controller or making sure you can try it out without the fear or exhausting your rate limits and it will provide you with certificates signed by Let's Encrypt staging CA making the certs not trusted!

Live

live will provide you with trusted certificates but has lower rate limits. This is what you want when you're done testing/evaluating the controller

Status

openshift-acme now supports only ACME v2 protocol. For the time of the transition the old images using ACME v1 are kept in docker.io/tnozicka/openshift-acme:v0.8.0. There is no plan to support the old version and while you can still use it until the endpoints are turned off, we advise you to try the new version of the controller and migrate.

Supported objects

Routes (OpenShift)

OpenShift Routes are fully supported.

If you annotate your Route with "acme.openshift.io/secret-name": "<secret_name>", the controller will synchronize the Route certificates into a Secret so you can use SSL in the passthrough mode and mount the secret into pods.

Roadmap

  • Advanced rate limiting (there is now support for basic rate limits)
  • Ingress (and Kubernetes) support
  • DNS validation support
  • CertificateRequests objects (when not using http-01 validation you don't need a Route)
  • Operator managing the deployment and upgrades

Mailing list

https://groups.google.com/d/forum/openshift-acme

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].