Certificates

PaaS

tip

The DNS of your ingress host need to resolve to the PaaS ingress LB: paas2-ingress.lb.uninett.no for cert-manager to be able to issue a Lets Encrypt certicate (HTTP01 Ingress solver)

For Platon PaaS, certificates are automatically generated by cert-manager using Let's encrypt for securing Ingress resources. The PaaS cluster uses a cluster scope issuer so there is no need to annotate the Ingress with a cert-manager.io/cluster-issuer: <nameOfClusterIssuer>. You do however need the following annotation on your ingress for cert-manager to create a certificate for you:

kubernetes.io/tls-acme: "true"

Other systems

https://www.uninett.no/en/security-certificates
https://interndocs.sikt.no/docs/system-doc/sertifikater/bestilling

PaaS​

Other systems​

PaaS

Other systems