Lets encrypt self signed certificate auto-renewal or not

gsingh86 · July 4, 2023, 9:36am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: No domain(Its self signed cert)

I ran this command:
k get certificate
NAME READY SECRET AGE
letsencrypt-ca True letsencrypt-ca 43m

apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-prod
spec:
  selfSigned: {}
---
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: letsencrypt-ca
  namespace: sandbox
spec:
  ca:
    secretName: letsencrypt-ca
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: letsencrypt-ca
  namespace: sandbox
spec:
  isCA: true
  commonName: osm-system
  secretName: letsencrypt-ca
  issuerRef:
    name: letsencrypt-prod
    kind: ClusterIssuer
    group: cert-manager.io

It produced this output: It has created a certificate, my Question is that its a self signed certificate we have generated to use it across some services IP addresses.Can it act as a self renewal certificate in future?
Please confirm. Thanks.

danb35 · July 4, 2023, 2:22pm

If you're using a self-signed cert, then you aren't using a cert from Let's Encrypt. You're also not using software from Let's Encrypt.

No idea; you haven't even specified what software you're using to try to get whatever cert you got, though the section you posted (of whatever it was) suggests you're using cert-manager, which would in turn suggest you're using Traefik. You'd likely find more help in whatever support channels exist for Traefik and/or cert-manager.

Some suggestions:

system · August 3, 2023, 2:22pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.