Skip to content

Commit 373b9d5

Browse files
bacongobblerbacongobbler
authored
Merge pull request #230 from adamreese/https-requests
Add documentation for making HTTPS requests
2 parents 634212c + 180f3e5 commit 373b9d5

File tree

1 file changed

+64
-0
lines changed

1 file changed

+64
-0
lines changed

content/en/docs/topics/https-requests.md

Lines changed: 64 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,64 @@
1+
---
2+
title: Making HTTPS Requests
3+
description: Configure Spin Apps to allow HTTPS requests.
4+
date: 2024-09-03
5+
categories: [Spin Operator]
6+
tags: [Tutorials]
7+
weight: 11
8+
aliases:
9+
- /docs/spin-operator/tutorials/https-requests
10+
---
11+
12+
To enable HTTPS requests, the [executor](https://www.spinkube.dev/docs/glossary/#spin-app-executor-crd) must be configured to use certificates. SpinKube can be configured to use either default or custom certificates.
13+
14+
If you make a request without properly configured certificates, you'll encounter an error message that reads: `error trying to connect: unexpected EOF (unable to get local issuer certificate)`.
15+
16+
## Using default certificates
17+
18+
SpinKube can generate a default CA certificate bundle by setting `installDefaultCACerts` to `true`. This creates a secret named `spin-ca` populated with curl's [default bundle](https://curl.se/ca/cacert.pem). You can specify a custom secret name by setting `caCertSecret`.
19+
20+
```yaml
21+
apiVersion: core.spinoperator.dev/v1alpha1
22+
kind: SpinAppExecutor
23+
metadata:
24+
name: containerd-shim-spin
25+
spec:
26+
createDeployment: true
27+
deploymentConfig:
28+
runtimeClassName: wasmtime-spin-v2
29+
installDefaultCACerts: true
30+
```
31+
32+
Apply the executor using kubectl:
33+
34+
```console
35+
kubectl apply -f myexecutor.yaml
36+
```
37+
38+
## Using custom certificates
39+
40+
Create a secret from your certificate file:
41+
42+
```console
43+
kubectl create secret generic my-custom-ca --from-file=ca-certificates.crt
44+
```
45+
46+
Configure the executor to use the custom certificate secret:
47+
48+
```yaml
49+
apiVersion: core.spinoperator.dev/v1alpha1
50+
kind: SpinAppExecutor
51+
metadata:
52+
name: containerd-shim-spin
53+
spec:
54+
createDeployment: true
55+
deploymentConfig:
56+
runtimeClassName: wasmtime-spin-v2
57+
caCertSecret: my-custom-ca
58+
```
59+
60+
Apply the executor using kubectl:
61+
62+
```console
63+
kubectl apply -f myexecutor.yaml
64+
```

0 commit comments

Comments
 (0)