Posts

So far I have been exposing my services on service-name.k8s.server.paul.grozav.info, and used cert-manager to generate a certificate for each sub-domain, for each service-name. Certificates are issued by Let’s Encrypt, so before issuing a certificate for a specific domain, LE (Let’s Encrypt) needs to verify you are the owner of that domain. And the proof of ownership is done using a challenge. For specific domain certificate requests, an http challenge is enough. LE can make an HTTP request and expect a token in response, to prove you own that domain.

Check out my site: https://paul.grozav.info/ !