{"id":7807,"date":"2023-03-21T12:10:15","date_gmt":"2023-03-21T06:40:15","guid":{"rendered":"https:\/\/opstree.com\/blog\/\/?p=7807"},"modified":"2023-03-21T12:10:54","modified_gmt":"2023-03-21T06:40:54","slug":"cert-manager-issuer-for-cross-account-route-53-eks","status":"publish","type":"post","link":"https:\/\/opstree.com\/blog\/2023\/03\/21\/cert-manager-issuer-for-cross-account-route-53-eks\/","title":{"rendered":"Cert-Manager Issuer for Cross-Account Route 53 [ EKS\u00a0]"},"content":{"rendered":"\n<p class=\"has-text-align-justify\">Cert-Manager is a very powerful tool when we talk about managing TLS certificates &amp; issuers and no other tool comes near the Cert-Manager for kubernetes in terms of open source, visibility, documentation, installation option, integration, and many more. Even with the same account or cross-account option, there is a direct integration option provided by cert-manager CRDs. This will lead to ease of setting of certificates and managing those created certificates.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">ASSUMPTION<\/h3>\n\n\n\n<p>For this session\/blog, we are going to use ACME certificates [or Let\u2019s encrypt certificates] using DNS01 challenger.<\/p>\n\n\n\n<p>Before setting up we need to have the clarity of account and their functionality.<\/p>\n\n\n\n<p><strong>ACCOUNT-X<\/strong>\u200a\u2014\u200aEKS SETUP<\/p>\n\n\n\n<p><strong>ACCOUNT Y\u200a<\/strong>\u2014\u200aROUTE 53<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2023\/03\/36a74-1gt5so3qjfjxyi_9njj_-eq.png\" alt=\"\" \/><\/figure>\n\n\n\n<p>NOTE: For the same account, you can use <strong>serviceaccount<\/strong> to make a call through OIDC To AWS IAM Role.<\/p>\n\n\n\n<!--more-->\n\n\n\n<h3 class=\"wp-block-heading\">SETUP<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">IAM User credentials<\/h4>\n\n\n\n<p>Under Account Y, Create IAM user and provide privileged [Administrator] access or you can use following IAM policy to provide limited access to Route 53. This permission required to change or read information of the Hosted zone.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-embed-handler wp-block-embed-embed-handler\"><div class=\"wp-block-embed__wrapper\">\n<style>.gist table { margin-bottom: 0; }<\/style><div style=\"tab-size: 8\" id=\"gist121320970\" class=\"gist\">\n    <div class=\"gist-file\" translate=\"no\" data-color-mode=\"light\" data-light-theme=\"light\">\n      <div class=\"gist-data\">\n        \n<div class=\"js-gist-file-update-container js-task-list-container\">\n      <div id=\"file-route-53-acccess-policy-for-cert-manager-json\" class=\"file my-2\">\n    \n    <div itemprop=\"text\"\n      class=\"Box-body p-0 blob-wrapper data type-json  \"\n      style=\"overflow: auto\" tabindex=\"0\" role=\"region\"\n      aria-label=\"route-53-acccess-policy-for-cert-manager.json content, created by b44rawat on 04:53PM on March 09, 2023.\"\n    >\n\n        \n<div class=\"js-check-hidden-unicode js-blob-code-container blob-code-content\">\n\n  <template class=\"js-file-alert-template\">\n  <div data-view-component=\"true\" class=\"flash flash-warn flash-full d-flex flex-items-center\">\n  <svg aria-hidden=\"true\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-alert\">\n    <path d=\"M6.457 1.047c.659-1.234 2.427-1.234 3.086 0l6.082 11.378A1.75 1.75 0 0 1 14.082 15H1.918a1.75 1.75 0 0 1-1.543-2.575Zm1.763.707a.25.25 0 0 0-.44 0L1.698 13.132a.25.25 0 0 0 .22.368h12.164a.25.25 0 0 0 .22-.368Zm.53 3.996v2.5a.75.75 0 0 1-1.5 0v-2.5a.75.75 0 0 1 1.5 0ZM9 11a1 1 0 1 1-2 0 1 1 0 0 1 2 0Z\"><\/path>\n<\/svg>\n    <span>\n      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.\n      <a class=\"Link--inTextBlock\" href=\"https:\/\/github.co\/hiddenchars\" target=\"_blank\" rel=\"noopener\">Learn more about bidirectional Unicode characters<\/a>\n    <\/span>\n\n\n  <div data-view-component=\"true\" class=\"flash-action\">        <a href=\"{{ revealButtonHref }}\" data-view-component=\"true\" class=\"btn-sm btn\">    Show hidden characters\n<\/a>\n<\/div>\n<\/div><\/template>\n<template class=\"js-line-alert-template\">\n  <span aria-label=\"This line has hidden Unicode characters\" data-view-component=\"true\" class=\"line-alert tooltipped tooltipped-e\">\n    <svg aria-hidden=\"true\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-alert\">\n    <path d=\"M6.457 1.047c.659-1.234 2.427-1.234 3.086 0l6.082 11.378A1.75 1.75 0 0 1 14.082 15H1.918a1.75 1.75 0 0 1-1.543-2.575Zm1.763.707a.25.25 0 0 0-.44 0L1.698 13.132a.25.25 0 0 0 .22.368h12.164a.25.25 0 0 0 .22-.368Zm.53 3.996v2.5a.75.75 0 0 1-1.5 0v-2.5a.75.75 0 0 1 1.5 0ZM9 11a1 1 0 1 1-2 0 1 1 0 0 1 2 0Z\"><\/path>\n<\/svg>\n<\/span><\/template>\n\n  <table data-hpc class=\"highlight tab-size js-file-line-container\" data-tab-size=\"4\" data-paste-markdown-skip data-tagsearch-path=\"route-53-acccess-policy-for-cert-manager.json\">\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L1\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"1\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC1\" class=\"blob-code blob-code-inner js-file-line\">{<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L2\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"2\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC2\" class=\"blob-code blob-code-inner js-file-line\">  &quot;Version&quot;: &quot;2012-10-17&quot;,<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L3\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"3\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC3\" class=\"blob-code blob-code-inner js-file-line\">  &quot;Statement&quot;: [<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L4\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"4\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC4\" class=\"blob-code blob-code-inner js-file-line\">    {<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L5\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"5\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC5\" class=\"blob-code blob-code-inner js-file-line\">      &quot;Effect&quot;: &quot;Allow&quot;,<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L6\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"6\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC6\" class=\"blob-code blob-code-inner js-file-line\">      &quot;Action&quot;: &quot;route53:GetChange&quot;,<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L7\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"7\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC7\" class=\"blob-code blob-code-inner js-file-line\">      &quot;Resource&quot;: &quot;arn:aws:route53:::change\/*&quot;<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L8\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"8\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC8\" class=\"blob-code blob-code-inner js-file-line\">    },<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L9\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"9\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC9\" class=\"blob-code blob-code-inner js-file-line\">    {<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L10\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"10\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC10\" class=\"blob-code blob-code-inner js-file-line\">      &quot;Effect&quot;: &quot;Allow&quot;,<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L11\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"11\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC11\" class=\"blob-code blob-code-inner js-file-line\">      &quot;Action&quot;: [<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L12\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"12\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC12\" class=\"blob-code blob-code-inner js-file-line\">        &quot;route53:ChangeResourceRecordSets&quot;,<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L13\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"13\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC13\" class=\"blob-code blob-code-inner js-file-line\">        &quot;route53:ListResourceRecordSets&quot;<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L14\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"14\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC14\" class=\"blob-code blob-code-inner js-file-line\">      ],<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L15\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"15\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC15\" class=\"blob-code blob-code-inner js-file-line\">      &quot;Resource&quot;: &quot;arn:aws:route53:::hostedzone\/*&quot;<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L16\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"16\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC16\" class=\"blob-code blob-code-inner js-file-line\">    },<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L17\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"17\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC17\" class=\"blob-code blob-code-inner js-file-line\">    {<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L18\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"18\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC18\" class=\"blob-code blob-code-inner js-file-line\">      &quot;Effect&quot;: &quot;Allow&quot;,<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L19\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"19\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC19\" class=\"blob-code blob-code-inner js-file-line\">      &quot;Action&quot;: &quot;route53:ListHostedZonesByName&quot;,<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L20\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"20\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC20\" class=\"blob-code blob-code-inner js-file-line\">      &quot;Resource&quot;: &quot;*&quot;<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L21\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"21\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC21\" class=\"blob-code blob-code-inner js-file-line\">    }<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L22\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"22\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC22\" class=\"blob-code blob-code-inner js-file-line\">  ]<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-L23\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"23\"><\/td>\n          <td id=\"file-route-53-acccess-policy-for-cert-manager-json-LC23\" class=\"blob-code blob-code-inner js-file-line\">}<\/td>\n        <\/tr>\n  <\/table>\n<\/div>\n\n\n    <\/div>\n\n  <\/div>\n\n<\/div>\n\n      <\/div>\n      <div class=\"gist-meta\">\n        <a href=\"https:\/\/gist.github.com\/b44rawat\/d36052561c8a280b0dfef2636f3d37da\/raw\/f3d4ee0415c58806fd875191029493dd14acb956\/route-53-acccess-policy-for-cert-manager.json\" style=\"float:right\" class=\"Link--inTextBlock\" target=\"_blank\" rel=\"noopener\">view raw<\/a>\n        <a href=\"https:\/\/gist.github.com\/b44rawat\/d36052561c8a280b0dfef2636f3d37da#file-route-53-acccess-policy-for-cert-manager-json\" class=\"Link--inTextBlock\" target=\"_blank\" rel=\"noopener\">\n          route-53-acccess-policy-for-cert-manager.json\n        <\/a>\n        hosted with &#10084; by <a class=\"Link--inTextBlock\" href=\"https:\/\/github.com\" target=\"_blank\" rel=\"noopener\">GitHub<\/a>\n      <\/div>\n    <\/div>\n<\/div>\n\n<\/div><\/figure>\n\n\n\n<p>Once created. Copy ACCESS KEY &amp; SECRET KEY of that IAM user. This is required further when we will configure Issuer.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-white-color has-dark-gray-background-color has-text-color has-background\">ACCESS-KEY - AKIAXXXXXXXXXXXXXXX<br>SECRET-ACCESS-KEY - 5CE3sXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">Get Hosted Zone&nbsp;ID<\/h4>\n\n\n\n<p>This hosted zone we need to copy from Route 53 of <strong>Account Y<\/strong>, dsf<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2023\/03\/6ed64-1ywqvefjfujanwpk7ftidlw.png\" alt=\"\" \/><\/figure>\n\n\n\n<pre class=\"wp-block-preformatted\">Hosted Zone ID - ZO61XXXXXXXXXXXXX<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">Cert-Manager Setup<\/h4>\n\n\n\n<pre class=\"wp-block-preformatted has-white-color has-dark-gray-background-color has-text-color has-background\">helm install cert-manager jetstack\/cert-manager --namespace cert-manager --create-namespace --version v1.9.1 --set installCRDs=true<\/pre>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2023\/03\/d8766-1-aorq-j1kazx9a62tybfpg.png\" alt=\"\" \/><\/figure>\n\n\n\n<p>Check <strong>This Link<\/strong> for detailed installation of Cert-Manager.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">BASE64 encoded secret access&nbsp;key<\/h4>\n\n\n\n<p>First, copy the secret access key that we created for IAM User for Account Y.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-white-color has-dark-gray-background-color has-text-color has-background\">echo \"5CE3sXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\" | base64<\/pre>\n\n\n\n<p>It will give base 64 encoded output which we will use to create a kubernetes secret for <strong>secretAccessKeySecretRef<\/strong> reference.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-white-color has-dark-gray-background-color has-text-color has-background\">NUNFMXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">AWS Secret key Secret&nbsp;creation<\/h4>\n\n\n\n<p>Now, we need to create that secret before applying the changes.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-embed-handler wp-block-embed-embed-handler\"><div class=\"wp-block-embed__wrapper\">\n<style>.gist table { margin-bottom: 0; }<\/style><div style=\"tab-size: 8\" id=\"gist121321000\" class=\"gist\">\n    <div class=\"gist-file\" translate=\"no\" data-color-mode=\"light\" data-light-theme=\"light\">\n      <div class=\"gist-data\">\n        \n<div class=\"js-gist-file-update-container js-task-list-container\">\n      <div id=\"file-accounty-secret-key-yaml\" class=\"file my-2\">\n    \n    <div itemprop=\"text\"\n      class=\"Box-body p-0 blob-wrapper data type-yaml  \"\n      style=\"overflow: auto\" tabindex=\"0\" role=\"region\"\n      aria-label=\"accounty-secret-key.yaml content, created by b44rawat on 04:55PM on March 09, 2023.\"\n    >\n\n        \n<div class=\"js-check-hidden-unicode js-blob-code-container blob-code-content\">\n\n  <template class=\"js-file-alert-template\">\n  <div data-view-component=\"true\" class=\"flash flash-warn flash-full d-flex flex-items-center\">\n  <svg aria-hidden=\"true\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-alert\">\n    <path d=\"M6.457 1.047c.659-1.234 2.427-1.234 3.086 0l6.082 11.378A1.75 1.75 0 0 1 14.082 15H1.918a1.75 1.75 0 0 1-1.543-2.575Zm1.763.707a.25.25 0 0 0-.44 0L1.698 13.132a.25.25 0 0 0 .22.368h12.164a.25.25 0 0 0 .22-.368Zm.53 3.996v2.5a.75.75 0 0 1-1.5 0v-2.5a.75.75 0 0 1 1.5 0ZM9 11a1 1 0 1 1-2 0 1 1 0 0 1 2 0Z\"><\/path>\n<\/svg>\n    <span>\n      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.\n      <a class=\"Link--inTextBlock\" href=\"https:\/\/github.co\/hiddenchars\" target=\"_blank\" rel=\"noopener\">Learn more about bidirectional Unicode characters<\/a>\n    <\/span>\n\n\n  <div data-view-component=\"true\" class=\"flash-action\">        <a href=\"{{ revealButtonHref }}\" data-view-component=\"true\" class=\"btn-sm btn\">    Show hidden characters\n<\/a>\n<\/div>\n<\/div><\/template>\n<template class=\"js-line-alert-template\">\n  <span aria-label=\"This line has hidden Unicode characters\" data-view-component=\"true\" class=\"line-alert tooltipped tooltipped-e\">\n    <svg aria-hidden=\"true\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-alert\">\n    <path d=\"M6.457 1.047c.659-1.234 2.427-1.234 3.086 0l6.082 11.378A1.75 1.75 0 0 1 14.082 15H1.918a1.75 1.75 0 0 1-1.543-2.575Zm1.763.707a.25.25 0 0 0-.44 0L1.698 13.132a.25.25 0 0 0 .22.368h12.164a.25.25 0 0 0 .22-.368Zm.53 3.996v2.5a.75.75 0 0 1-1.5 0v-2.5a.75.75 0 0 1 1.5 0ZM9 11a1 1 0 1 1-2 0 1 1 0 0 1 2 0Z\"><\/path>\n<\/svg>\n<\/span><\/template>\n\n  <table data-hpc class=\"highlight tab-size js-file-line-container\" data-tab-size=\"4\" data-paste-markdown-skip data-tagsearch-path=\"accounty-secret-key.yaml\">\n        <tr>\n          <td id=\"file-accounty-secret-key-yaml-L1\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"1\"><\/td>\n          <td id=\"file-accounty-secret-key-yaml-LC1\" class=\"blob-code blob-code-inner js-file-line\">apiVersion: v1<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-accounty-secret-key-yaml-L2\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"2\"><\/td>\n          <td id=\"file-accounty-secret-key-yaml-LC2\" class=\"blob-code blob-code-inner js-file-line\">kind: Secret<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-accounty-secret-key-yaml-L3\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"3\"><\/td>\n          <td id=\"file-accounty-secret-key-yaml-LC3\" class=\"blob-code blob-code-inner js-file-line\">metadata:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-accounty-secret-key-yaml-L4\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"4\"><\/td>\n          <td id=\"file-accounty-secret-key-yaml-LC4\" class=\"blob-code blob-code-inner js-file-line\">  name: awssecretkey<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-accounty-secret-key-yaml-L5\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"5\"><\/td>\n          <td id=\"file-accounty-secret-key-yaml-LC5\" class=\"blob-code blob-code-inner js-file-line\">  namespace: cert-manager<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-accounty-secret-key-yaml-L6\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"6\"><\/td>\n          <td id=\"file-accounty-secret-key-yaml-LC6\" class=\"blob-code blob-code-inner js-file-line\">type: Opaque<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-accounty-secret-key-yaml-L7\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"7\"><\/td>\n          <td id=\"file-accounty-secret-key-yaml-LC7\" class=\"blob-code blob-code-inner js-file-line\">data:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-accounty-secret-key-yaml-L8\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"8\"><\/td>\n          <td id=\"file-accounty-secret-key-yaml-LC8\" class=\"blob-code blob-code-inner js-file-line\">  secret-access-key: NUNFMXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=<\/td>\n        <\/tr>\n  <\/table>\n<\/div>\n\n\n    <\/div>\n\n  <\/div>\n\n<\/div>\n\n      <\/div>\n      <div class=\"gist-meta\">\n        <a href=\"https:\/\/gist.github.com\/b44rawat\/da3ede89056fabd878ee42e0dd7d37ca\/raw\/22169d3aba86ae078b90e6fdd6032b6995aed4b1\/accounty-secret-key.yaml\" style=\"float:right\" class=\"Link--inTextBlock\" target=\"_blank\" rel=\"noopener\">view raw<\/a>\n        <a href=\"https:\/\/gist.github.com\/b44rawat\/da3ede89056fabd878ee42e0dd7d37ca#file-accounty-secret-key-yaml\" class=\"Link--inTextBlock\" target=\"_blank\" rel=\"noopener\">\n          accounty-secret-key.yaml\n        <\/a>\n        hosted with &#10084; by <a class=\"Link--inTextBlock\" href=\"https:\/\/github.com\" target=\"_blank\" rel=\"noopener\">GitHub<\/a>\n      <\/div>\n    <\/div>\n<\/div>\n\n<\/div><\/figure>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2023\/03\/58924-1tpgtpbjdi57hpcgaxp96nw.png\" alt=\"\" \/><\/figure>\n\n\n\n<p>and apply the following<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-white-color has-dark-gray-background-color has-text-color has-background\">kubectl apply -f accounty-secret-key.yaml<\/pre>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2023\/03\/d9d30-1o8nscpxnmamezzramgu-gw.png\" alt=\"\" \/><\/figure>\n\n\n\n<p>Check if the secret is created or not.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-white-color has-dark-gray-background-color has-text-color has-background\">kubectl get secret -n cert-manager<\/pre>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2023\/03\/f0a30-1-eh-mf3bbcthuzgqqgtabg.png\" alt=\"\" \/><\/figure>\n\n\n\n<h4 class=\"wp-block-heading\">ClusterIssuer Breakdown<\/h4>\n\n\n\n<pre class=\"wp-block-preformatted has-white-color has-dark-gray-background-color has-text-color has-background\">apiVersion: cert-manager.io\/v1<br>kind: ClusterIssuer<br>metadata:<br>  name: <strong>cert-manager-staging-test<\/strong><\/pre>\n\n\n\n<p>The above information is related to CRD of cert-manager. This includes apiVersion, kind &amp; metadata<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-white-color has-dark-gray-background-color has-text-color has-background\">spec:<br>  acme:<br>    email: <a href=\"mailto:bhupender.singh@opstree.com\" rel=\"noreferrer noopener\" target=\"_blank\"><strong>xxxxx-xxxxx@xxxxx.x<\/strong><\/a><strong>xx<\/strong><br>    server: <a href=\"https:\/\/acme-staging-v02.api.letsencrypt.org\/directory\" rel=\"noreferrer noopener\" target=\"_blank\"><strong>https:\/\/acme-staging-v02.api.letsencrypt.org\/directory<\/strong><\/a><br>    privateKeySecretRef:<br>      name: <strong>cert-manager-staging-test-secret<\/strong><\/pre>\n\n\n\n<p>ACME BREAKDOWN:<\/p>\n\n\n\n<ul>\n<li>email [Require for general information for certification creation]<\/li>\n\n\n\n<li>server [This specifies what kind of certificates user want\u2019s to create Like staging or prod certificates]<\/li>\n\n\n\n<li>privateKeySecretRef [Name of the secret]<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-preformatted has-white-color has-dark-gray-background-color has-text-color has-background\">solvers:<br>    - selector:<br>        dnsZones:<br>          - <strong>\"*.example.example\"<\/strong><br>          - <strong>\"example.com\"<\/strong><\/pre>\n\n\n\n<p>Solvers BREAKDOWN:<\/p>\n\n\n\n<ul>\n<li>Selectors [Selector specifies the configuration, For let\u2019s encrypt, we need to specify dnsZones]<\/li>\n\n\n\n<li>dnsZones [dnsZones specifies the domain &amp; wildcard information]<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-preformatted has-white-color has-dark-gray-background-color has-text-color has-background\">dns01:<br>        route53:<br>          region: XX-XXXX-X<br>          hostedZoneID: <strong>ZO61XXXXXXXXXXXXX<\/strong><br>          accessKeyID: <strong>AKIAXXXXXXXXXXXXXX<\/strong><br>          secretAccessKeySecretRef:<br>            name: <strong>awssecretkey<\/strong><br>            key: <strong>accounty-secret-key<\/strong><\/pre>\n\n\n\n<p>dns01 [This specifies the actual information related to the route53 like region, hostedZoneId, access keys, role id]<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>ClusterIssuer file<\/strong><\/h4>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-embed-handler wp-block-embed-embed-handler\"><div class=\"wp-block-embed__wrapper\">\n<style>.gist table { margin-bottom: 0; }<\/style><div style=\"tab-size: 8\" id=\"gist121321019\" class=\"gist\">\n    <div class=\"gist-file\" translate=\"no\" data-color-mode=\"light\" data-light-theme=\"light\">\n      <div class=\"gist-data\">\n        \n<div class=\"js-gist-file-update-container js-task-list-container\">\n      <div id=\"file-issuer-yaml\" class=\"file my-2\">\n    \n    <div itemprop=\"text\"\n      class=\"Box-body p-0 blob-wrapper data type-yaml  \"\n      style=\"overflow: auto\" tabindex=\"0\" role=\"region\"\n      aria-label=\"issuer.yaml content, created by b44rawat on 04:56PM on March 09, 2023.\"\n    >\n\n        \n<div class=\"js-check-hidden-unicode js-blob-code-container blob-code-content\">\n\n  <template class=\"js-file-alert-template\">\n  <div data-view-component=\"true\" class=\"flash flash-warn flash-full d-flex flex-items-center\">\n  <svg aria-hidden=\"true\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-alert\">\n    <path d=\"M6.457 1.047c.659-1.234 2.427-1.234 3.086 0l6.082 11.378A1.75 1.75 0 0 1 14.082 15H1.918a1.75 1.75 0 0 1-1.543-2.575Zm1.763.707a.25.25 0 0 0-.44 0L1.698 13.132a.25.25 0 0 0 .22.368h12.164a.25.25 0 0 0 .22-.368Zm.53 3.996v2.5a.75.75 0 0 1-1.5 0v-2.5a.75.75 0 0 1 1.5 0ZM9 11a1 1 0 1 1-2 0 1 1 0 0 1 2 0Z\"><\/path>\n<\/svg>\n    <span>\n      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.\n      <a class=\"Link--inTextBlock\" href=\"https:\/\/github.co\/hiddenchars\" target=\"_blank\" rel=\"noopener\">Learn more about bidirectional Unicode characters<\/a>\n    <\/span>\n\n\n  <div data-view-component=\"true\" class=\"flash-action\">        <a href=\"{{ revealButtonHref }}\" data-view-component=\"true\" class=\"btn-sm btn\">    Show hidden characters\n<\/a>\n<\/div>\n<\/div><\/template>\n<template class=\"js-line-alert-template\">\n  <span aria-label=\"This line has hidden Unicode characters\" data-view-component=\"true\" class=\"line-alert tooltipped tooltipped-e\">\n    <svg aria-hidden=\"true\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-alert\">\n    <path d=\"M6.457 1.047c.659-1.234 2.427-1.234 3.086 0l6.082 11.378A1.75 1.75 0 0 1 14.082 15H1.918a1.75 1.75 0 0 1-1.543-2.575Zm1.763.707a.25.25 0 0 0-.44 0L1.698 13.132a.25.25 0 0 0 .22.368h12.164a.25.25 0 0 0 .22-.368Zm.53 3.996v2.5a.75.75 0 0 1-1.5 0v-2.5a.75.75 0 0 1 1.5 0ZM9 11a1 1 0 1 1-2 0 1 1 0 0 1 2 0Z\"><\/path>\n<\/svg>\n<\/span><\/template>\n\n  <table data-hpc class=\"highlight tab-size js-file-line-container\" data-tab-size=\"4\" data-paste-markdown-skip data-tagsearch-path=\"issuer.yaml\">\n        <tr>\n          <td id=\"file-issuer-yaml-L1\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"1\"><\/td>\n          <td id=\"file-issuer-yaml-LC1\" class=\"blob-code blob-code-inner js-file-line\">apiVersion: cert-manager.io\/v1<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L2\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"2\"><\/td>\n          <td id=\"file-issuer-yaml-LC2\" class=\"blob-code blob-code-inner js-file-line\">kind: ClusterIssuer<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L3\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"3\"><\/td>\n          <td id=\"file-issuer-yaml-LC3\" class=\"blob-code blob-code-inner js-file-line\">metadata:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L4\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"4\"><\/td>\n          <td id=\"file-issuer-yaml-LC4\" class=\"blob-code blob-code-inner js-file-line\">  name: cert-manager-staging-test<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L5\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"5\"><\/td>\n          <td id=\"file-issuer-yaml-LC5\" class=\"blob-code blob-code-inner js-file-line\">spec:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L6\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"6\"><\/td>\n          <td id=\"file-issuer-yaml-LC6\" class=\"blob-code blob-code-inner js-file-line\">  acme:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L7\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"7\"><\/td>\n          <td id=\"file-issuer-yaml-LC7\" class=\"blob-code blob-code-inner js-file-line\">    email: xxxxx-xxxxx@xxxxx.xxx<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L8\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"8\"><\/td>\n          <td id=\"file-issuer-yaml-LC8\" class=\"blob-code blob-code-inner js-file-line\">    server: https:\/\/acme-staging-v02.api.letsencrypt.org\/directory<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L9\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"9\"><\/td>\n          <td id=\"file-issuer-yaml-LC9\" class=\"blob-code blob-code-inner js-file-line\">    privateKeySecretRef:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L10\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"10\"><\/td>\n          <td id=\"file-issuer-yaml-LC10\" class=\"blob-code blob-code-inner js-file-line\">      name: cert-manager-staging-test-secret<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L11\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"11\"><\/td>\n          <td id=\"file-issuer-yaml-LC11\" class=\"blob-code blob-code-inner js-file-line\">    solvers:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L12\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"12\"><\/td>\n          <td id=\"file-issuer-yaml-LC12\" class=\"blob-code blob-code-inner js-file-line\">    &#8211; selector:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L13\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"13\"><\/td>\n          <td id=\"file-issuer-yaml-LC13\" class=\"blob-code blob-code-inner js-file-line\">        dnsZones:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L14\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"14\"><\/td>\n          <td id=\"file-issuer-yaml-LC14\" class=\"blob-code blob-code-inner js-file-line\">          &#8211; &quot;*.example.com&quot;<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L15\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"15\"><\/td>\n          <td id=\"file-issuer-yaml-LC15\" class=\"blob-code blob-code-inner js-file-line\">          &#8211; &quot;example.com&quot;<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L16\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"16\"><\/td>\n          <td id=\"file-issuer-yaml-LC16\" class=\"blob-code blob-code-inner js-file-line\">      dns01:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L17\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"17\"><\/td>\n          <td id=\"file-issuer-yaml-LC17\" class=\"blob-code blob-code-inner js-file-line\">        route53:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L18\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"18\"><\/td>\n          <td id=\"file-issuer-yaml-LC18\" class=\"blob-code blob-code-inner js-file-line\">          region: us-east-1<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L19\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"19\"><\/td>\n          <td id=\"file-issuer-yaml-LC19\" class=\"blob-code blob-code-inner js-file-line\">          hostedZoneID: ZO61XXXXXXXXXXXXX<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L20\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"20\"><\/td>\n          <td id=\"file-issuer-yaml-LC20\" class=\"blob-code blob-code-inner js-file-line\">          accessKeyID: AKIAXXXXXXXXXXXXXX<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L21\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"21\"><\/td>\n          <td id=\"file-issuer-yaml-LC21\" class=\"blob-code blob-code-inner js-file-line\">          secretAccessKeySecretRef:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L22\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"22\"><\/td>\n          <td id=\"file-issuer-yaml-LC22\" class=\"blob-code blob-code-inner js-file-line\">            name: awssecretkey<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-issuer-yaml-L23\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"23\"><\/td>\n          <td id=\"file-issuer-yaml-LC23\" class=\"blob-code blob-code-inner js-file-line\">            key: secret-access-key<\/td>\n        <\/tr>\n  <\/table>\n<\/div>\n\n\n    <\/div>\n\n  <\/div>\n\n<\/div>\n\n      <\/div>\n      <div class=\"gist-meta\">\n        <a href=\"https:\/\/gist.github.com\/b44rawat\/63f9ba866bb4b75bc09cb119ca95b4d4\/raw\/dbc6f755d1d9a01e28148a7f894b52d7d1e886c2\/issuer.yaml\" style=\"float:right\" class=\"Link--inTextBlock\" target=\"_blank\" rel=\"noopener\">view raw<\/a>\n        <a href=\"https:\/\/gist.github.com\/b44rawat\/63f9ba866bb4b75bc09cb119ca95b4d4#file-issuer-yaml\" class=\"Link--inTextBlock\" target=\"_blank\" rel=\"noopener\">\n          issuer.yaml\n        <\/a>\n        hosted with &#10084; by <a class=\"Link--inTextBlock\" href=\"https:\/\/github.com\" target=\"_blank\" rel=\"noopener\">GitHub<\/a>\n      <\/div>\n    <\/div>\n<\/div>\n\n<\/div><\/figure>\n\n\n\n<p>Use below command to apply the clusterissuer configuration.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-white-color has-dark-gray-background-color has-text-color has-background\">kubectl apply -f issuer.yaml<\/pre>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2023\/03\/1b2af-1fnqazdxwddqcxaxgvsz8dw.png\" alt=\"\" \/><\/figure>\n\n\n\n<p>Once you apply the changes, you can check the cert-manager controller pod logs to check the behaviour or validate the logs.<\/p>\n\n\n\n<p><strong>LOGS:<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-white-color has-dark-gray-background-color has-text-color has-background\">I0817 19:16:29.779442       1 setup.go:111] cert-manager\/clusterissuers \"msg\"=\"generating acme account private key\" \"related_resource_kind\"=\"Secret\" \"related_resource_name\"=\"<strong>cert-manager-staging-test-secret<\/strong>\" \"related_resource_namespace\"=\"cert-manager\" \"resource_kind\"=\"ClusterIssuer\" \"resource_name\"=\"cert-manager-staging-test\" \"resource_namespace\"=\"\" \"resource_version\"=\"v1\"\nI0817 19:16:29.906133       1 setup.go:219] cert-manager\/clusterissuers \"msg\"=\"ACME server URL host and ACME private key registration host differ. Re-checking ACME account registration\" \"related_resource_kind\"=\"Secret\" \"related_resource_name\"=\"cert-manager-staging-test-secret\" \"related_resource_namespace\"=\"cert-manager\" \"resource_kind\"=\"ClusterIssuer\" \"resource_name\"=\"cert-manager-staging-test\" \"resource_namespace\"=\"\" \"resource_version\"=\"v1\"\nI0817 19:16:30.770143       1 setup.go:309] cert-manager\/clusterissuers \"msg\"=\"verified existing registration with ACME server\" \"related_resource_kind\"=\"Secret\" \"related_resource_name\"=\"cert-manager-staging-test-secret\" \"related_resource_namespace\"=\"cert-manager\" \"resource_kind\"=\"ClusterIssuer\" \"resource_name\"=\"cert-manager-staging-test\" \"resource_namespace\"=\"\" \"resource_version\"=\"v1\"\nI0817 19:16:30.770174       1 conditions.go:95] Setting lastTransitionTime for Issuer \"cert-manager-staging-test\" condition \"Ready\" to 2022-08-17 19:16:30.770167831 +0000 UTC m=+2333.520794129\nI0817 19:16:30.783535       1 setup.go:202] cert-manager\/clusterissuers \"msg\"=\"skipping re-verifying ACME account as cached registration details look sufficient\" \"related_resource_kind\"=\"Secret\" \"related_resource_name\"=\"cert-manager-staging-test-secret\" \"related_resource_namespace\"=\"cert-manager\" \"resource_kind\"=\"ClusterIssuer\" \"resource_name\"=\"cert-manager-staging-test\" \"resource_namespace\"=\"\" \"resource_version\"=\"v1\"\nI0817 19:16:34.907590       1 setup.go:202] cert-manager\/clusterissuers \"msg\"=\"skipping re-verifying ACME account as cached registration details look sufficient\" \"related_resource_kind\"=\"Secret\" \"related_resource_name\"=\"cert-manager-staging-test-secret\" \"related_resource_namespace\"=\"cert-manager\" \"resource_kind\"=\"ClusterIssuer\" \"resource_name\"=\"cert-manager-staging-test\" \"resource_namespace\"=\"\" \"resource_version\"=\"v1\"<\/pre>\n\n\n\n<p>You can also validate the changes by using the below command to check <em>READY <\/em>status. If it is showing <strong>True<\/strong>, it means it is ready to serve.<\/p>\n\n\n\n<p>NOTE: If it is not showing True, inspect the cert-manager controller logs to rectify the issue.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-white-color has-dark-gray-background-color has-text-color has-background\">kubectl get clusterissuer<\/pre>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2023\/03\/14d9b-1k87j4wr6jkwtpuygvnxuxw.png\" alt=\"\" \/><\/figure>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Certificate creation<\/strong><\/h4>\n\n\n\n<p>Once, you create the clusterissuer with True ready status. You need to create certificates which responsible for creating secrets containing certificates.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-embed-handler wp-block-embed-embed-handler\"><div class=\"wp-block-embed__wrapper\">\n<style>.gist table { margin-bottom: 0; }<\/style><div style=\"tab-size: 8\" id=\"gist121321034\" class=\"gist\">\n    <div class=\"gist-file\" translate=\"no\" data-color-mode=\"light\" data-light-theme=\"light\">\n      <div class=\"gist-data\">\n        \n<div class=\"js-gist-file-update-container js-task-list-container\">\n      <div id=\"file-cert-test-yaml\" class=\"file my-2\">\n    \n    <div itemprop=\"text\"\n      class=\"Box-body p-0 blob-wrapper data type-yaml  \"\n      style=\"overflow: auto\" tabindex=\"0\" role=\"region\"\n      aria-label=\"cert-test.yaml content, created by b44rawat on 04:57PM on March 09, 2023.\"\n    >\n\n        \n<div class=\"js-check-hidden-unicode js-blob-code-container blob-code-content\">\n\n  <template class=\"js-file-alert-template\">\n  <div data-view-component=\"true\" class=\"flash flash-warn flash-full d-flex flex-items-center\">\n  <svg aria-hidden=\"true\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-alert\">\n    <path d=\"M6.457 1.047c.659-1.234 2.427-1.234 3.086 0l6.082 11.378A1.75 1.75 0 0 1 14.082 15H1.918a1.75 1.75 0 0 1-1.543-2.575Zm1.763.707a.25.25 0 0 0-.44 0L1.698 13.132a.25.25 0 0 0 .22.368h12.164a.25.25 0 0 0 .22-.368Zm.53 3.996v2.5a.75.75 0 0 1-1.5 0v-2.5a.75.75 0 0 1 1.5 0ZM9 11a1 1 0 1 1-2 0 1 1 0 0 1 2 0Z\"><\/path>\n<\/svg>\n    <span>\n      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.\n      <a class=\"Link--inTextBlock\" href=\"https:\/\/github.co\/hiddenchars\" target=\"_blank\" rel=\"noopener\">Learn more about bidirectional Unicode characters<\/a>\n    <\/span>\n\n\n  <div data-view-component=\"true\" class=\"flash-action\">        <a href=\"{{ revealButtonHref }}\" data-view-component=\"true\" class=\"btn-sm btn\">    Show hidden characters\n<\/a>\n<\/div>\n<\/div><\/template>\n<template class=\"js-line-alert-template\">\n  <span aria-label=\"This line has hidden Unicode characters\" data-view-component=\"true\" class=\"line-alert tooltipped tooltipped-e\">\n    <svg aria-hidden=\"true\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-alert\">\n    <path d=\"M6.457 1.047c.659-1.234 2.427-1.234 3.086 0l6.082 11.378A1.75 1.75 0 0 1 14.082 15H1.918a1.75 1.75 0 0 1-1.543-2.575Zm1.763.707a.25.25 0 0 0-.44 0L1.698 13.132a.25.25 0 0 0 .22.368h12.164a.25.25 0 0 0 .22-.368Zm.53 3.996v2.5a.75.75 0 0 1-1.5 0v-2.5a.75.75 0 0 1 1.5 0ZM9 11a1 1 0 1 1-2 0 1 1 0 0 1 2 0Z\"><\/path>\n<\/svg>\n<\/span><\/template>\n\n  <table data-hpc class=\"highlight tab-size js-file-line-container\" data-tab-size=\"4\" data-paste-markdown-skip data-tagsearch-path=\"cert-test.yaml\">\n        <tr>\n          <td id=\"file-cert-test-yaml-L1\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"1\"><\/td>\n          <td id=\"file-cert-test-yaml-LC1\" class=\"blob-code blob-code-inner js-file-line\">apiVersion: cert-manager.io\/v1<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-cert-test-yaml-L2\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"2\"><\/td>\n          <td id=\"file-cert-test-yaml-LC2\" class=\"blob-code blob-code-inner js-file-line\">kind: Certificate<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-cert-test-yaml-L3\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"3\"><\/td>\n          <td id=\"file-cert-test-yaml-LC3\" class=\"blob-code blob-code-inner js-file-line\">metadata:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-cert-test-yaml-L4\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"4\"><\/td>\n          <td id=\"file-cert-test-yaml-LC4\" class=\"blob-code blob-code-inner js-file-line\">  name: cert-manager-staging-test-cert<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-cert-test-yaml-L5\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"5\"><\/td>\n          <td id=\"file-cert-test-yaml-LC5\" class=\"blob-code blob-code-inner js-file-line\">  namespace: default<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-cert-test-yaml-L6\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"6\"><\/td>\n          <td id=\"file-cert-test-yaml-LC6\" class=\"blob-code blob-code-inner js-file-line\">spec:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-cert-test-yaml-L7\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"7\"><\/td>\n          <td id=\"file-cert-test-yaml-LC7\" class=\"blob-code blob-code-inner js-file-line\">  secretName: cert-manager-staging-test-staging-secret<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-cert-test-yaml-L8\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"8\"><\/td>\n          <td id=\"file-cert-test-yaml-LC8\" class=\"blob-code blob-code-inner js-file-line\">  issuerRef:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-cert-test-yaml-L9\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"9\"><\/td>\n          <td id=\"file-cert-test-yaml-LC9\" class=\"blob-code blob-code-inner js-file-line\">    name: cert-manager-staging-test<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-cert-test-yaml-L10\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"10\"><\/td>\n          <td id=\"file-cert-test-yaml-LC10\" class=\"blob-code blob-code-inner js-file-line\">    kind: ClusterIssuer<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-cert-test-yaml-L11\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"11\"><\/td>\n          <td id=\"file-cert-test-yaml-LC11\" class=\"blob-code blob-code-inner js-file-line\">  commonName: &#39;*.example.com&#39;<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-cert-test-yaml-L12\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"12\"><\/td>\n          <td id=\"file-cert-test-yaml-LC12\" class=\"blob-code blob-code-inner js-file-line\">  dnsNames:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-cert-test-yaml-L13\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"13\"><\/td>\n          <td id=\"file-cert-test-yaml-LC13\" class=\"blob-code blob-code-inner js-file-line\">  &#8211; &#39;*.example.com&#39;<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-cert-test-yaml-L14\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"14\"><\/td>\n          <td id=\"file-cert-test-yaml-LC14\" class=\"blob-code blob-code-inner js-file-line\">  &#8211; &#39;example.com&#39;<\/td>\n        <\/tr>\n  <\/table>\n<\/div>\n\n\n    <\/div>\n\n  <\/div>\n\n<\/div>\n\n      <\/div>\n      <div class=\"gist-meta\">\n        <a href=\"https:\/\/gist.github.com\/b44rawat\/c2ccf1d6296b6838d7790a517cf26f46\/raw\/d1e691f09d9c97b2f93fc2270b3844f5540e28e4\/cert-test.yaml\" style=\"float:right\" class=\"Link--inTextBlock\" target=\"_blank\" rel=\"noopener\">view raw<\/a>\n        <a href=\"https:\/\/gist.github.com\/b44rawat\/c2ccf1d6296b6838d7790a517cf26f46#file-cert-test-yaml\" class=\"Link--inTextBlock\" target=\"_blank\" rel=\"noopener\">\n          cert-test.yaml\n        <\/a>\n        hosted with &#10084; by <a class=\"Link--inTextBlock\" href=\"https:\/\/github.com\" target=\"_blank\" rel=\"noopener\">GitHub<\/a>\n      <\/div>\n    <\/div>\n<\/div>\n\n<\/div><\/figure>\n\n\n\n<p>Once you created manifest file containing certificates changes. Apply the above changes<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-white-color has-dark-gray-background-color has-text-color has-background\">kubectl apply -f cert-test.yaml<\/pre>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2023\/03\/1e66c-1ivcdoncvfouo0w3skor70g.png\" alt=\"\" \/><\/figure>\n\n\n\n<p>Once, you create, you can check Route 53 [On account Y] to validate the TXT record created by cert-manager.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">_acme-challenge.example.com.xyz TXT Multivalue answer-  \"QCGSHgXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\"<\/pre>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2023\/03\/01fd9-1ak_omc9usic6bhu9mgvx9w.png\" alt=\"\" \/><\/figure>\n\n\n\n<p>Once, you check or validate, you can use the below command to validate whether the certificates are ready to use or not.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-white-color has-dark-gray-background-color has-text-color has-background\">kubectl get certificates -n test<\/pre>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2023\/03\/43ba3-1st60atd8vj4av4ku0ip-da.png\" alt=\"\" \/><\/figure>\n\n\n\n<p>You can also describe or check the content secret created by certificate CR.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-white-color has-dark-gray-background-color has-text-color has-background\">kubectl describe secret cert-manager-staging-test-staging-secret -n test<\/pre>\n\n\n\n<p>OUTPUT:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-white-color has-dark-gray-background-color has-text-color has-background\">Data<br>====<br>tls.key:  1675 bytes<br>tls.crt:  5753 bytes<\/pre>\n\n\n\n<p>Cert manager Certificate logs<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-white-color has-dark-gray-background-color has-text-color has-background\">I0817 19:21:19.993429       1 conditions.go:201] Setting lastTransitionTime for Certificate \"cert-manager-staging-test-cert\" condition \"Ready\" to 2022-08-17 19:21:19.993418389 +0000 UTC m=+2622.744044690\nI0817 19:21:19.994199       1 trigger_controller.go:200] cert-manager\/certificates-trigger \"msg\"=\"Certificate must be re-issued\" \"key\"=\"test\/cert-manager-staging-test-cert\" \"message\"=\"Issuing certificate as Secret does not exist\" \"reason\"=\"DoesNotExist\"\nI0817 19:21:19.994220       1 conditions.go:201] Setting lastTransitionTime for Certificate \"cert-manager-staging-test-cert\" condition \"Issuing\" to 2022-08-17 19:21:19.994216003 +0000 UTC m=+2622.744842295\nI0817 19:21:20.073511       1 controller.go:161] cert-manager\/certificates-readiness \"msg\"=\"re-queuing item due to optimistic locking on resource\" \"error\"=\"Operation cannot be fulfilled on certificates.cert-manager.io \\\"cert-manager-staging-test-cert\\\": the object has been modified; please apply your changes to the latest version and try again\" \"key\"=\"test\/cert-manager-staging-test-cert\"\nI0817 19:21:20.073583       1 conditions.go:201] Setting lastTransitionTime for Certificate \"cert-manager-staging-test-cert\" condition \"Ready\" to 2022-08-17 19:21:20.073575848 +0000 UTC m=+2622.824202143\nI0817 19:21:20.358802       1 controller.go:161] cert-manager\/certificates-key-manager \"msg\"=\"re-queuing item due to optimistic locking on resource\" \"error\"=\"Operation cannot be fulfilled on certificates.cert-manager.io \\\"cert-manager-staging-test-cert\\\": the object has been modified; please apply your changes to the latest version and try again\" \"key\"=\"test\/cert-manager-staging-test-cert\"\nI0817 19:21:20.388505       1 conditions.go:261] Setting lastTransitionTime for CertificateRequest \"cert-manager-staging-test-cert-qd447\" condition \"Approved\" to 2022-08-17 19:21:20.388478055 +0000 UTC m=+2623.139104353\nI0817 19:21:20.439792       1 conditions.go:261] Setting lastTransitionTime for CertificateRequest \"cert-manager-staging-test-cert-qd447\" condition \"Ready\" to 2022-08-17 19:21:20.439781619 +0000 UTC m=+2623.190407917\nI0817 19:21:20.455394       1 conditions.go:261] Setting lastTransitionTime for CertificateRequest \"cert-manager-staging-test-cert-qd447\" condition \"Ready\" to 2022-08-17 19:21:20.455383292 +0000 UTC m=+2623.206009583\nI0817 19:21:20.470152       1 controller.go:161] cert-manager\/certificaterequests-issuer-acme \"msg\"=\"re-queuing item due to optimistic locking on resource\" \"error\"=\"Operation cannot be fulfilled on certificaterequests.cert-manager.io \\\"cert-manager-staging-test-cert-qd447\\\": the object has been modified; please apply your changes to the latest version and try again\" \"key\"=\"test\/cert-manager-staging-test-cert-qd447\"<\/pre>\n\n\n\n<p>Now, you can use the above certificates in any kind of resource like an ingress controller, service mesh, etc.<\/p>\n\n\n\n<p><strong>NOTE:<\/strong> To know more about certificates &amp; cluster issuers, visit the official documentation provided by the cert-manager.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">How-To<\/h3>\n\n\n\n<p>Now, these certificates can use anywhere where you specify these certificates. But for this section, we will only focus on ingress object.<\/p>\n\n\n\n<p>Check the below ingress manifest containing rules and it also contains the secret that was created through a cert-manager certificate.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-embed-handler wp-block-embed-embed-handler\"><div class=\"wp-block-embed__wrapper\">\n<style>.gist table { margin-bottom: 0; }<\/style><div style=\"tab-size: 8\" id=\"gist121321050\" class=\"gist\">\n    <div class=\"gist-file\" translate=\"no\" data-color-mode=\"light\" data-light-theme=\"light\">\n      <div class=\"gist-data\">\n        \n<div class=\"js-gist-file-update-container js-task-list-container\">\n      <div id=\"file-ingress-to-test-cert-manager-yaml\" class=\"file my-2\">\n    \n    <div itemprop=\"text\"\n      class=\"Box-body p-0 blob-wrapper data type-yaml  \"\n      style=\"overflow: auto\" tabindex=\"0\" role=\"region\"\n      aria-label=\"ingress-to-test-cert-manager.yaml content, created by b44rawat on 04:58PM on March 09, 2023.\"\n    >\n\n        \n<div class=\"js-check-hidden-unicode js-blob-code-container blob-code-content\">\n\n  <template class=\"js-file-alert-template\">\n  <div data-view-component=\"true\" class=\"flash flash-warn flash-full d-flex flex-items-center\">\n  <svg aria-hidden=\"true\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-alert\">\n    <path d=\"M6.457 1.047c.659-1.234 2.427-1.234 3.086 0l6.082 11.378A1.75 1.75 0 0 1 14.082 15H1.918a1.75 1.75 0 0 1-1.543-2.575Zm1.763.707a.25.25 0 0 0-.44 0L1.698 13.132a.25.25 0 0 0 .22.368h12.164a.25.25 0 0 0 .22-.368Zm.53 3.996v2.5a.75.75 0 0 1-1.5 0v-2.5a.75.75 0 0 1 1.5 0ZM9 11a1 1 0 1 1-2 0 1 1 0 0 1 2 0Z\"><\/path>\n<\/svg>\n    <span>\n      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.\n      <a class=\"Link--inTextBlock\" href=\"https:\/\/github.co\/hiddenchars\" target=\"_blank\" rel=\"noopener\">Learn more about bidirectional Unicode characters<\/a>\n    <\/span>\n\n\n  <div data-view-component=\"true\" class=\"flash-action\">        <a href=\"{{ revealButtonHref }}\" data-view-component=\"true\" class=\"btn-sm btn\">    Show hidden characters\n<\/a>\n<\/div>\n<\/div><\/template>\n<template class=\"js-line-alert-template\">\n  <span aria-label=\"This line has hidden Unicode characters\" data-view-component=\"true\" class=\"line-alert tooltipped tooltipped-e\">\n    <svg aria-hidden=\"true\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-alert\">\n    <path d=\"M6.457 1.047c.659-1.234 2.427-1.234 3.086 0l6.082 11.378A1.75 1.75 0 0 1 14.082 15H1.918a1.75 1.75 0 0 1-1.543-2.575Zm1.763.707a.25.25 0 0 0-.44 0L1.698 13.132a.25.25 0 0 0 .22.368h12.164a.25.25 0 0 0 .22-.368Zm.53 3.996v2.5a.75.75 0 0 1-1.5 0v-2.5a.75.75 0 0 1 1.5 0ZM9 11a1 1 0 1 1-2 0 1 1 0 0 1 2 0Z\"><\/path>\n<\/svg>\n<\/span><\/template>\n\n  <table data-hpc class=\"highlight tab-size js-file-line-container\" data-tab-size=\"4\" data-paste-markdown-skip data-tagsearch-path=\"ingress-to-test-cert-manager.yaml\">\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L1\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"1\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC1\" class=\"blob-code blob-code-inner js-file-line\">apiVersion: networking.k8s.io\/v1<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L2\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"2\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC2\" class=\"blob-code blob-code-inner js-file-line\">kind: Ingress<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L3\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"3\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC3\" class=\"blob-code blob-code-inner js-file-line\">metadata:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L4\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"4\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC4\" class=\"blob-code blob-code-inner js-file-line\">  name: test-ingress<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L5\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"5\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC5\" class=\"blob-code blob-code-inner js-file-line\">  namespace: default<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L6\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"6\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC6\" class=\"blob-code blob-code-inner js-file-line\">  annotations:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L7\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"7\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC7\" class=\"blob-code blob-code-inner js-file-line\">    kubernetes.io\/ingress.class: nginx<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L8\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"8\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC8\" class=\"blob-code blob-code-inner js-file-line\">    nginx.ingress.kubernetes.io\/rewrite-target: \/<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L9\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"9\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC9\" class=\"blob-code blob-code-inner js-file-line\">    # cert-manager.io\/issuer: &quot;cert-manager-staging-test&quot;<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L10\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"10\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC10\" class=\"blob-code blob-code-inner js-file-line\">spec:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L11\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"11\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC11\" class=\"blob-code blob-code-inner js-file-line\">  rules:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L12\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"12\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC12\" class=\"blob-code blob-code-inner js-file-line\">    &#8211; host: example.com<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L13\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"13\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC13\" class=\"blob-code blob-code-inner js-file-line\">      http:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L14\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"14\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC14\" class=\"blob-code blob-code-inner js-file-line\">        paths:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L15\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"15\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC15\" class=\"blob-code blob-code-inner js-file-line\">          &#8211; path: \/<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L16\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"16\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC16\" class=\"blob-code blob-code-inner js-file-line\">            pathType: Prefix<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L17\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"17\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC17\" class=\"blob-code blob-code-inner js-file-line\">            backend:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L18\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"18\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC18\" class=\"blob-code blob-code-inner js-file-line\">              service:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L19\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"19\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC19\" class=\"blob-code blob-code-inner js-file-line\">                name: nginx-service<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L20\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"20\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC20\" class=\"blob-code blob-code-inner js-file-line\">                port:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L21\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"21\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC21\" class=\"blob-code blob-code-inner js-file-line\">                  number: 80<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L22\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"22\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC22\" class=\"blob-code blob-code-inner js-file-line\">  tls:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L23\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"23\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC23\" class=\"blob-code blob-code-inner js-file-line\">    &#8211; hosts:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L24\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"24\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC24\" class=\"blob-code blob-code-inner js-file-line\">      &#8211; example.com<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-L25\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"25\"><\/td>\n          <td id=\"file-ingress-to-test-cert-manager-yaml-LC25\" class=\"blob-code blob-code-inner js-file-line\">      secretName: cert-manager-staging-test-cert<\/td>\n        <\/tr>\n  <\/table>\n<\/div>\n\n\n    <\/div>\n\n  <\/div>\n\n<\/div>\n\n      <\/div>\n      <div class=\"gist-meta\">\n        <a href=\"https:\/\/gist.github.com\/b44rawat\/368c7c7d0f5f21e237f38ad59bd1a8f0\/raw\/e11d503c4e91d9860cb38c2a3700b882ca242503\/ingress-to-test-cert-manager.yaml\" style=\"float:right\" class=\"Link--inTextBlock\" target=\"_blank\" rel=\"noopener\">view raw<\/a>\n        <a href=\"https:\/\/gist.github.com\/b44rawat\/368c7c7d0f5f21e237f38ad59bd1a8f0#file-ingress-to-test-cert-manager-yaml\" class=\"Link--inTextBlock\" target=\"_blank\" rel=\"noopener\">\n          ingress-to-test-cert-manager.yaml\n        <\/a>\n        hosted with &#10084; by <a class=\"Link--inTextBlock\" href=\"https:\/\/github.com\" target=\"_blank\" rel=\"noopener\">GitHub<\/a>\n      <\/div>\n    <\/div>\n<\/div>\n\n<\/div><\/figure>\n\n\n\n<p>Once applied, check browser and check TLS<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2023\/03\/efeed-1vitjhgfad37ptlwyh-5jza.png\" alt=\"\" \/><\/figure>\n\n\n\n<p>Check certificate details, you will see staging certificate issued by Let\u2019s encrypt.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2023\/03\/f6f2b-1teduebe-pjhxdmn6aiwbwg.png\" alt=\"\" \/><\/figure>\n\n\n\n<p>The above certificate is just to validate for testing purposes or only for staging purposes.<\/p>\n\n\n\n<p>To implement for a production environment, use the following server URL in clusterIssuer YAML.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><a href=\"https:\/\/acme-v02.api.letsencrypt.org\/directory\" rel=\"noreferrer noopener\" target=\"_blank\">https:\/\/acme-v02.api.letsencrypt.org\/directory<\/a><\/pre>\n\n\n\n<p>YAML:<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-embed-handler wp-block-embed-embed-handler\"><div class=\"wp-block-embed__wrapper\">\n<style>.gist table { margin-bottom: 0; }<\/style><div style=\"tab-size: 8\" id=\"gist121321063\" class=\"gist\">\n    <div class=\"gist-file\" translate=\"no\" data-color-mode=\"light\" data-light-theme=\"light\">\n      <div class=\"gist-data\">\n        \n<div class=\"js-gist-file-update-container js-task-list-container\">\n      <div id=\"file-clusterissuer-prod-yaml\" class=\"file my-2\">\n    \n    <div itemprop=\"text\"\n      class=\"Box-body p-0 blob-wrapper data type-yaml  \"\n      style=\"overflow: auto\" tabindex=\"0\" role=\"region\"\n      aria-label=\"clusterissuer-prod.yaml content, created by b44rawat on 04:59PM on March 09, 2023.\"\n    >\n\n        \n<div class=\"js-check-hidden-unicode js-blob-code-container blob-code-content\">\n\n  <template class=\"js-file-alert-template\">\n  <div data-view-component=\"true\" class=\"flash flash-warn flash-full d-flex flex-items-center\">\n  <svg aria-hidden=\"true\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-alert\">\n    <path d=\"M6.457 1.047c.659-1.234 2.427-1.234 3.086 0l6.082 11.378A1.75 1.75 0 0 1 14.082 15H1.918a1.75 1.75 0 0 1-1.543-2.575Zm1.763.707a.25.25 0 0 0-.44 0L1.698 13.132a.25.25 0 0 0 .22.368h12.164a.25.25 0 0 0 .22-.368Zm.53 3.996v2.5a.75.75 0 0 1-1.5 0v-2.5a.75.75 0 0 1 1.5 0ZM9 11a1 1 0 1 1-2 0 1 1 0 0 1 2 0Z\"><\/path>\n<\/svg>\n    <span>\n      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.\n      <a class=\"Link--inTextBlock\" href=\"https:\/\/github.co\/hiddenchars\" target=\"_blank\" rel=\"noopener\">Learn more about bidirectional Unicode characters<\/a>\n    <\/span>\n\n\n  <div data-view-component=\"true\" class=\"flash-action\">        <a href=\"{{ revealButtonHref }}\" data-view-component=\"true\" class=\"btn-sm btn\">    Show hidden characters\n<\/a>\n<\/div>\n<\/div><\/template>\n<template class=\"js-line-alert-template\">\n  <span aria-label=\"This line has hidden Unicode characters\" data-view-component=\"true\" class=\"line-alert tooltipped tooltipped-e\">\n    <svg aria-hidden=\"true\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-alert\">\n    <path d=\"M6.457 1.047c.659-1.234 2.427-1.234 3.086 0l6.082 11.378A1.75 1.75 0 0 1 14.082 15H1.918a1.75 1.75 0 0 1-1.543-2.575Zm1.763.707a.25.25 0 0 0-.44 0L1.698 13.132a.25.25 0 0 0 .22.368h12.164a.25.25 0 0 0 .22-.368Zm.53 3.996v2.5a.75.75 0 0 1-1.5 0v-2.5a.75.75 0 0 1 1.5 0ZM9 11a1 1 0 1 1-2 0 1 1 0 0 1 2 0Z\"><\/path>\n<\/svg>\n<\/span><\/template>\n\n  <table data-hpc class=\"highlight tab-size js-file-line-container\" data-tab-size=\"4\" data-paste-markdown-skip data-tagsearch-path=\"clusterissuer-prod.yaml\">\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L1\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"1\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC1\" class=\"blob-code blob-code-inner js-file-line\">apiVersion: cert-manager.io\/v1<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L2\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"2\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC2\" class=\"blob-code blob-code-inner js-file-line\">kind: ClusterIssuer<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L3\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"3\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC3\" class=\"blob-code blob-code-inner js-file-line\">metadata:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L4\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"4\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC4\" class=\"blob-code blob-code-inner js-file-line\">  name: cert-manager-staging-test<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L5\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"5\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC5\" class=\"blob-code blob-code-inner js-file-line\">spec:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L6\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"6\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC6\" class=\"blob-code blob-code-inner js-file-line\">  acme:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L7\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"7\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC7\" class=\"blob-code blob-code-inner js-file-line\">    email: xxxxx-xxxxx@xxxxx.xxx<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L8\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"8\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC8\" class=\"blob-code blob-code-inner js-file-line\">    server: https:\/\/acme-v02.api.letsencrypt.org\/directory<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L9\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"9\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC9\" class=\"blob-code blob-code-inner js-file-line\">    privateKeySecretRef:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L10\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"10\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC10\" class=\"blob-code blob-code-inner js-file-line\">      name: cert-manager-staging-test-secret<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L11\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"11\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC11\" class=\"blob-code blob-code-inner js-file-line\">    solvers:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L12\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"12\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC12\" class=\"blob-code blob-code-inner js-file-line\">    &#8211; selector:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L13\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"13\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC13\" class=\"blob-code blob-code-inner js-file-line\">        dnsZones:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L14\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"14\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC14\" class=\"blob-code blob-code-inner js-file-line\">          &#8211; &quot;*.example.com&quot;<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L15\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"15\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC15\" class=\"blob-code blob-code-inner js-file-line\">          &#8211; &quot;example.com&quot;<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L16\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"16\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC16\" class=\"blob-code blob-code-inner js-file-line\">      dns01:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L17\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"17\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC17\" class=\"blob-code blob-code-inner js-file-line\">        route53:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L18\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"18\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC18\" class=\"blob-code blob-code-inner js-file-line\">          region: us-east-1<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L19\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"19\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC19\" class=\"blob-code blob-code-inner js-file-line\">          hostedZoneID: ZO61XXXXXXXXXXXXX<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L20\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"20\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC20\" class=\"blob-code blob-code-inner js-file-line\">          accessKeyID: AKIAXXXXXXXXXXXXXX<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L21\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"21\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC21\" class=\"blob-code blob-code-inner js-file-line\">          secretAccessKeySecretRef:<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L22\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"22\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC22\" class=\"blob-code blob-code-inner js-file-line\">            name: awssecretkey<\/td>\n        <\/tr>\n        <tr>\n          <td id=\"file-clusterissuer-prod-yaml-L23\" class=\"blob-num js-line-number js-blob-rnum\" data-line-number=\"23\"><\/td>\n          <td id=\"file-clusterissuer-prod-yaml-LC23\" class=\"blob-code blob-code-inner js-file-line\">            key: secret-access-key<\/td>\n        <\/tr>\n  <\/table>\n<\/div>\n\n\n    <\/div>\n\n  <\/div>\n\n<\/div>\n\n      <\/div>\n      <div class=\"gist-meta\">\n        <a href=\"https:\/\/gist.github.com\/b44rawat\/c31ba6aae766c8deb5a8b2cad283f12a\/raw\/21741a04856bd1b449cb2a03acd6b6067c898d3f\/clusterissuer-prod.yaml\" style=\"float:right\" class=\"Link--inTextBlock\" target=\"_blank\" rel=\"noopener\">view raw<\/a>\n        <a href=\"https:\/\/gist.github.com\/b44rawat\/c31ba6aae766c8deb5a8b2cad283f12a#file-clusterissuer-prod-yaml\" class=\"Link--inTextBlock\" target=\"_blank\" rel=\"noopener\">\n          clusterissuer-prod.yaml\n        <\/a>\n        hosted with &#10084; by <a class=\"Link--inTextBlock\" href=\"https:\/\/github.com\" target=\"_blank\" rel=\"noopener\">GitHub<\/a>\n      <\/div>\n    <\/div>\n<\/div>\n\n<\/div><\/figure>\n\n\n\n<p>Once, you added and repeated the above steps, you will get valid certificates.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2023\/03\/d6570-1l9mfgpuhhmggh7efd_e7bw.png\" alt=\"\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>REFERENCES<\/strong><\/h3>\n\n\n\n<ul>\n<li><a href=\"https:\/\/unsplash.com\/photos\/0vGohk5aw6E\" rel=\"noreferrer noopener\" target=\"_blank\">https:\/\/unsplash.com\/photos\/0vGohk5aw6E<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/cert-manager.io\/docs\/\" rel=\"noreferrer noopener\" target=\"_blank\">https:\/\/cert-manager.io\/docs\/<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/kubernetes.io\/docs\/concepts\/services-networking\/ingress\/\" rel=\"noreferrer noopener\" target=\"_blank\">https:\/\/kubernetes.io\/docs\/concepts\/services-networking\/ingress\/<\/a><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">CONNECT WITH&nbsp;ME<\/h3>\n\n\n\n<ul>\n<li><a href=\"https:\/\/github.com\/b44rawat\" rel=\"noreferrer noopener\" target=\"_blank\">https:\/\/github.com\/b44rawat<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/www.linkedin.com\/in\/bhupender-rawat-91a15a117\/\" target=\"_blank\">https:\/\/www.linkedin.com\/in\/bhupender-rawat-91a15a117\/<\/a><\/li>\n<\/ul>\n\n\n\n<p class=\"has-text-align-justify\"><strong>Blog Pundit:  <a href=\"https:\/\/www.linkedin.com\/in\/sanjeevpandey18\/\" target=\"_blank\" rel=\"noreferrer noopener\">Sanjeev Pandey<\/a> and <a rel=\"noreferrer noopener\" href=\"https:\/\/opstree.com\/blog\/\/author\/sandeep7c51ad81ba\/\" target=\"_blank\">Sandeep Rawat<\/a><\/strong><\/p>\n\n\n\n<p><strong><a href=\"https:\/\/opstree.com\/contact-us\/?utm_source=WordPress&amp;utm_medium=Blog&amp;utm_campaign=Cert-Manager+Issuer+for+Cross-Account+Route+53+%5B+EKS%C2%A0%5D\" target=\"_blank\" rel=\"noreferrer noopener\">Opstree<\/a><\/strong>&nbsp;is an End to End DevOps solution provider.<\/p>\n\n\n\n<div class=\"wp-block-buttons is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button\"><a class=\"wp-block-button__link wp-element-button\" href=\"https:\/\/opstree.com\/contact-us\/?utm_source=WordPress&amp;utm_medium=Blog&amp;utm_campaign=Cert-Manager+Issuer+for+Cross-Account+Route+53+%5B+EKS%C2%A0%5D\" target=\"_blank\" rel=\"noreferrer noopener\">CONTACT US<\/a><\/div>\n<\/div>\n\n\n\n<p class=\"has-text-align-center\"><strong>Connect with Us<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-social-links aligncenter is-content-justification-center is-layout-flex wp-container-core-social-links-is-layout-1 wp-block-social-links-is-layout-flex\"><li class=\"wp-social-link wp-social-link-linkedin  wp-block-social-link\"><a href=\"https:\/\/www.linkedin.com\/company\/opstree-solutions\" class=\"wp-block-social-link-anchor\" target=\"_blank\" rel=\"noopener\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M19.7,3H4.3C3.582,3,3,3.582,3,4.3v15.4C3,20.418,3.582,21,4.3,21h15.4c0.718,0,1.3-0.582,1.3-1.3V4.3 C21,3.582,20.418,3,19.7,3z M8.339,18.338H5.667v-8.59h2.672V18.338z M7.004,8.574c-0.857,0-1.549-0.694-1.549-1.548 c0-0.855,0.691-1.548,1.549-1.548c0.854,0,1.547,0.694,1.547,1.548C8.551,7.881,7.858,8.574,7.004,8.574z M18.339,18.338h-2.669 v-4.177c0-0.996-0.017-2.278-1.387-2.278c-1.389,0-1.601,1.086-1.601,2.206v4.249h-2.667v-8.59h2.559v1.174h0.037 c0.356-0.675,1.227-1.387,2.526-1.387c2.703,0,3.203,1.779,3.203,4.092V18.338z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">LinkedIn<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-youtube  wp-block-social-link\"><a href=\"https:\/\/www.youtube.com\/channel\/UCeLma6SpNYH7jjYKSBNSexw\" class=\"wp-block-social-link-anchor\" target=\"_blank\" rel=\"noopener\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M21.8,8.001c0,0-0.195-1.378-0.795-1.985c-0.76-0.797-1.613-0.801-2.004-0.847c-2.799-0.202-6.997-0.202-6.997-0.202 h-0.009c0,0-4.198,0-6.997,0.202C4.608,5.216,3.756,5.22,2.995,6.016C2.395,6.623,2.2,8.001,2.2,8.001S2,9.62,2,11.238v1.517 c0,1.618,0.2,3.237,0.2,3.237s0.195,1.378,0.795,1.985c0.761,0.797,1.76,0.771,2.205,0.855c1.6,0.153,6.8,0.201,6.8,0.201 s4.203-0.006,7.001-0.209c0.391-0.047,1.243-0.051,2.004-0.847c0.6-0.607,0.795-1.985,0.795-1.985s0.2-1.618,0.2-3.237v-1.517 C22,9.62,21.8,8.001,21.8,8.001z M9.935,14.594l-0.001-5.62l5.404,2.82L9.935,14.594z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">YouTube<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-github  wp-block-social-link\"><a href=\"https:\/\/github.com\/OpsTree\" class=\"wp-block-social-link-anchor\" target=\"_blank\" rel=\"noopener\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M12,2C6.477,2,2,6.477,2,12c0,4.419,2.865,8.166,6.839,9.489c0.5,0.09,0.682-0.218,0.682-0.484 c0-0.236-0.009-0.866-0.014-1.699c-2.782,0.602-3.369-1.34-3.369-1.34c-0.455-1.157-1.11-1.465-1.11-1.465 c-0.909-0.62,0.069-0.608,0.069-0.608c1.004,0.071,1.532,1.03,1.532,1.03c0.891,1.529,2.341,1.089,2.91,0.833 c0.091-0.647,0.349-1.086,0.635-1.337c-2.22-0.251-4.555-1.111-4.555-4.943c0-1.091,0.39-1.984,1.03-2.682 C6.546,8.54,6.202,7.524,6.746,6.148c0,0,0.84-0.269,2.75,1.025C10.295,6.95,11.15,6.84,12,6.836 c0.85,0.004,1.705,0.114,2.504,0.336c1.909-1.294,2.748-1.025,2.748-1.025c0.546,1.376,0.202,2.394,0.1,2.646 c0.64,0.699,1.026,1.591,1.026,2.682c0,3.841-2.337,4.687-4.565,4.935c0.359,0.307,0.679,0.917,0.679,1.852 c0,1.335-0.012,2.415-0.012,2.741c0,0.269,0.18,0.579,0.688,0.481C19.138,20.161,22,16.416,22,12C22,6.477,17.523,2,12,2z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">GitHub<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-facebook  wp-block-social-link\"><a href=\"https:\/\/www.facebook.com\/opstree\" class=\"wp-block-social-link-anchor\" target=\"_blank\" rel=\"noopener\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M12 2C6.5 2 2 6.5 2 12c0 5 3.7 9.1 8.4 9.9v-7H7.9V12h2.5V9.8c0-2.5 1.5-3.9 3.8-3.9 1.1 0 2.2.2 2.2.2v2.5h-1.3c-1.2 0-1.6.8-1.6 1.6V12h2.8l-.4 2.9h-2.3v7C18.3 21.1 22 17 22 12c0-5.5-4.5-10-10-10z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">Facebook<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-medium  wp-block-social-link\"><a href=\"https:\/\/medium.com\/buildpiper\" class=\"wp-block-social-link-anchor\" target=\"_blank\" rel=\"noopener\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M20.962,7.257l-5.457,8.867l-3.923-6.375l3.126-5.08c0.112-0.182,0.319-0.286,0.527-0.286c0.05,0,0.1,0.008,0.149,0.02 c0.039,0.01,0.078,0.023,0.114,0.041l5.43,2.715l0.006,0.003c0.004,0.002,0.007,0.006,0.011,0.008 C20.971,7.191,20.98,7.227,20.962,7.257z M9.86,8.592v5.783l5.14,2.57L9.86,8.592z M15.772,17.331l4.231,2.115 C20.554,19.721,21,19.529,21,19.016V8.835L15.772,17.331z M8.968,7.178L3.665,4.527C3.569,4.479,3.478,4.456,3.395,4.456 C3.163,4.456,3,4.636,3,4.938v11.45c0,0.306,0.224,0.669,0.498,0.806l4.671,2.335c0.12,0.06,0.234,0.088,0.337,0.088 c0.29,0,0.494-0.225,0.494-0.602V7.231C9,7.208,8.988,7.188,8.968,7.178z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">Medium<\/span><\/a><\/li><\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Cert-Manager is a very powerful tool when we talk about managing TLS certificates &amp; issuers and no other tool comes near the Cert-Manager for kubernetes in terms of open source, visibility, documentation, installation option, integration, and many more. Even with the same account or cross-account option, there is a direct integration option provided by cert-manager &hellip; <a href=\"https:\/\/opstree.com\/blog\/2023\/03\/21\/cert-manager-issuer-for-cross-account-route-53-eks\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Cert-Manager Issuer for Cross-Account Route 53 [ EKS\u00a0]&#8221;<\/span><\/a><\/p>\n","protected":false},"author":192321000,"featured_media":29900,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[28070474],"tags":[89568553,768739308,676319247,421790,768739309,4996032],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/opstree.com\/blog\/wp-content\/uploads\/2025\/11\/DevSecOps-1.jpg","jetpack_likes_enabled":true,"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pfDBOm-21V","jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts\/7807"}],"collection":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/users\/192321000"}],"replies":[{"embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/comments?post=7807"}],"version-history":[{"count":25,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts\/7807\/revisions"}],"predecessor-version":[{"id":13355,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts\/7807\/revisions\/13355"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/media\/29900"}],"wp:attachment":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/media?parent=7807"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/categories?post=7807"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/tags?post=7807"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}