You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
###### :pushpin: Running the static cert-manager configuration is not recommended for production use. For more information, see [Installing cert-manager](https://cert-manager.io/docs/installation/).
53
+
###### :pushpin: Running the static cert-manager configuration is not recommended for production use. For more information, see [Installing cert-manager](https://cert-manager.io/docs/installation/).
54
54
55
-
Then, install the custom resource definitions (CRDs) for the cert-manager external issuer for Keyfactor Command:
56
-
```shell
57
-
make install
58
-
```
55
+
2. Then, install the custom resource definitions (CRDs) for the cert-manager external issuer for Keyfactor Command:
56
+
```shell
57
+
make install
58
+
```
59
59
60
-
Finally, deploy the controller to the cluster:
61
-
```shell
62
-
make deploy
63
-
```
60
+
3. Finally, deploy the controller to the cluster:
61
+
```shell
62
+
make deploy
63
+
```
64
64
65
65
### Installation from Helm Chart
66
66
67
67
The cert-manager external issuer forKeyfactor Command can also be installed using a Helm chart. The chart is availablein the [Command cert-manager Helm repository](https://keyfactor.github.io/command-cert-manager-issuer/).
Modifications can be made by overriding the default values in the `values.yaml` file with the `--set` flag. For example, to override the `replicaCount` value, run the following command:
a. Modifications can be made by overriding the default values in the `values.yaml` file with the `--set` flag. For example, to override the `replicaCount` value, run the following command:
The cert-manager external issuer for Keyfactor Command can be used to issue certificates from Keyfactor Command using cert-manager.
@@ -115,7 +129,7 @@ The Issuer resource is namespaced, while the ClusterIssuer resource is cluster-s
115
129
For example, ClusterIssuer resources can be used to issue certificates for resources in multiple namespaces, whereas Issuer resources can only be used to issue certificates for resources in the same namespace.
116
130
117
131
The `spec` field of both the Issuer and ClusterIssuer resources use the following fields:
118
-
*`hostname` - The hostname of the Keyfactor Command server
132
+
* `hostname` - The hostname of the Keyfactor Command server - The signer sets the protocol to `https` and automatically trims the trailing path from this field, if it exists. Additionally, the base Command API path is automatically set to `/KeyfactorAPI` and cannot be changed.
119
133
* `commandSecretName` - The name of the Kubernetes `kubernetes.io/basic-auth` secret containing credentials to the Keyfactor instance
120
134
* `certificateTemplate` - The short name corresponding to a template in Command that will be used to issue certificates.
121
135
* `certificateAuthorityLogicalName` - The logical name of the CA to use to sign the certificate request
Modifications can be made by overriding the default values in the `values.yaml` file with the `--set` flag. For example, to override the `replicaCount` value, run the following command:
Modifications can also be made by modifying the `values.yaml` file directly. For example, to override the `replicaCount` value, modify the `replicaCount` value in the `values.yaml` file:
39
+
```yaml
40
+
cat <<EOF > override.yaml
41
+
replicaCount: 2
42
+
EOF
43
+
```
44
+
Then, use the `-f` flag to specify the `values.yaml` file:
0 commit comments