Share via

Attach SSL certificate for site from key vault secret to AKS

p.shapurau 16 Reputation points
2021-11-10T13:27:19.657+00:00

Created a wildcard certificate in openwork. Synchronized with the key vault, a secret is automatically created there. All checkboxes are green, everything is ok! This secret is created in aks in the corresponding namespace in a secret like kubernetes.io/tls (using akv2k8s). Synchronization occurs, everything is ok. Crt and key I see. I attach this secret to the ingress in the rules and tls section to the host (hostname with the appropriate name for the domain) and writes that fake Certificate and substitutes the default "Acme Co, Kubernetes Ingress Controller Fake Certificate", in the ingress logs "Error getting Ssl certificate, local ssl certificate not found. Using default certificate. "What should I do? Why does not it work?

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,448 questions
Azure Kubernetes Service
Azure Kubernetes Service
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
2,448 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. p.shapurau 16 Reputation points
    2021-11-11T12:16:59.657+00:00

    I seem to understand what the problem is. Double wildcard custom domains not supported by Azure today? Do I understand correctly?
    My certificate was issued for *.mywebsite.com (in Azure), my applications in AKS are: aaa.bbb.mywebsite.com, because there are a lot of them.

    If so, it creates very big problems for me.

    1 person found this answer helpful.
    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.