54 lines
925 B
YAML
54 lines
925 B
YAML
apiVersion: cert-manager.io/v1
|
|
kind: Issuer
|
|
metadata:
|
|
name: postgresql-ca-issuer
|
|
spec:
|
|
selfSigned: {}
|
|
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: Certificate
|
|
metadata:
|
|
name: postgresql-ca
|
|
spec:
|
|
isCA: true
|
|
commonName: PostgreSQL CA
|
|
secretName: postgresql-ca
|
|
duration: 96360h
|
|
privateKey:
|
|
algorithm: ECDSA
|
|
size: 256
|
|
issuerRef:
|
|
name: postgresql-ca-issuer
|
|
kind: Issuer
|
|
group: cert-manager.io
|
|
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: Issuer
|
|
metadata:
|
|
name: postgresql-issuer
|
|
spec:
|
|
ca:
|
|
secretName: postgresql-ca
|
|
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: Certificate
|
|
metadata:
|
|
name: default
|
|
spec:
|
|
secretName: default-cert
|
|
dnsNames:
|
|
- default.postgresql.svc.cluster.local
|
|
- default.postgresql.svc
|
|
- default.postgresql
|
|
- default
|
|
issuerRef:
|
|
group: cert-manager.io
|
|
kind: Issuer
|
|
name: postgresql-issuer
|
|
privateKey:
|
|
algorithm: ECDSA
|
|
rotationPolicy: Always
|