- Login into https://www.ssls.com/ => Purchased certs
- Click to active the certificate for specific domain
- Save the private key ([private-key].zip)
- Active domain with DNS-based validation (details link)
- Verify that domain become active
- Save the certificates zip file ([domain-name].zip)
Use 2 files [private-key].zip and [domain-name].zip from Activate Certificate process
-
Make sure you're on
masterbranch -
Update secret named
tls-secretin kubernetes/secrets-production.yml.secret- tls.crt:
- file [domain-name].crt from [domain-name].zip encode base64
- command:
cat [domain-name].crt | base64
- tls.key:
- file [private-key].txt from [private-key].zip encode base64
- command:
cat [private-key].crt | base64
- tls.crt:
-
Update new secrets to production, beta & staging
-
IMPORTANT NOTE:
- make sure we delete the secret
tls-secretbefore applying the new secrets. - The certificate will be applied immediately after we apply new secrets without any deployment.
- make sure we delete the secret
-
Commands:
kubectl delete secret tls-secret -n $NAMESPACEkubectl apply -f kubernetes/secrets-$NAMESPACE.yml
-
-
Commit changes and create Pull Request to
developandmasterbranches.
-
Make sure you're on
masterbranch -
Update secret field named
cpdb-co-tls-secretin kubernetes/secrets-production.yml.secret- tls.crt:
- file [domain-name].crt from [domain-name].zip encode base64
- command:
cat [domain-name].crt | base64
- tls.key:
- file [private-key].txt encode base64
- command:
cat [private-key].txt | base64
- tls.crt:
-
Update new secrets to production
-
IMPORTANT NOTE:
- make sure we delete the secret
cpdb-co-tls-secretbefore applying the new secrets. - The certificate will be applied immediately after we apply new secrets without any deployment.
- make sure we delete the secret
-
Commands:
kubectl delete secret cpdb-co-tls-secret -n $NAMESPACEkubectl apply -f kubernetes/secrets-$NAMESPACE.yml
-
-
Commit changes and create Pull Request to
developandmasterbranches.