Certificate for sub path

Hi all
my site is hosted on Google Cloud Kubernetes Engine and I am leveraging cert-manager to retrieve certificate and it works fine. My domain is “oghani.com” .
However, I am trying to obtain another certificate for “viewk.com” that will be forwarded to same service at oghani.com but at a subpath level, for example at “example.com/client/xyz” or “example.com/client?xyz

my certificate file looks like following

apiVersion: cert-manager.io/v1alpha2
kind: Certificate
metadata:
name: oghani-com-tls
spec:
secretName: oghani-com
issuerRef:
name: letsencrypt-prod
kind: ClusterIssuer
commonName: oghani.com
dnsNames:
- oghani.com
- www.oghani.com
acme:
config:
- http01:
ingressClass: nginx
domains:
- oghani.com
- www.oghani.com

my certificate-viewk.yaml file looks like following

apiVersion: cert-manager.io/v1alpha2
kind: Certificate
metadata:
name: viewk-com-tls
spec:
secretName: viewk-com
issuerRef:
name: letsencrypt-prod
kind: ClusterIssuer
commonName: viewk.com
dnsNames:
- viewk.com
- www.viewk.com
acme:
config:
- http01:
ingressClass: nginx
domains:
- viewk.com
- www.viewk.com

my ingress service yaml looks like following

apiVersion: networking.k8s.io/v1

apiVersion: extensions/v1beta1

kind: Ingress
metadata:
name: ingress-service
namespace: ingress-service
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /
cert-manager.io/cluster-issuer: ‘letsencrypt-prod’
nginx.ingress.kubernetes.io/ssl-redirect: ‘true’
kubernetes.io/tls-acme: “true”
spec:
tls:
- hosts:
- oghani.com
- www.oghani.com
secretName: oghani-com
- viewk.com
- www.viewk.com
secretName: viewk-com
rules:
- host: oghani.com
http:
paths:
- path: /
backend:
serviceName: server-cluster-ip-service
servicePort: 8080
- host: www.oghani.com
http:
paths:
- path: /
backend:
serviceName: server-cluster-ip-service
servicePort: 8080
- host: viewk.com
http:
paths:
- path: /fib
backend:
serviceName: server-cluster-ip-service
servicePort: 8080
- host: www.viewk.com
http:
paths:
- path: /fib
backend:
serviceName: server-cluster-ip-service
servicePort: 8080

oghani.com and www.oghani.com works fine.
I am new to this implementation, so I am not even sure whats the best practice to handle such scenarios.
any help is much appreciated

Thank You
Ozzie

1 Like