diff --git a/docs/user-guide/certificate/README.md b/docs/user-guide/certificate/README.md index 7286cc0c8..00bbf442e 100644 --- a/docs/user-guide/certificate/README.md +++ b/docs/user-guide/certificate/README.md @@ -1,4 +1,20 @@ -## Certificates +# Certificate + +Voyager comes with a built-in certificate manager that can issue free TLS/SSL certificates from Let's Encrypt. + + +Voyager can automatically provision and refresh SSL certificates issued from Let's Encrypt using a custom Kubernetes Certificate resource. + +Features + +Provision free TLS certificates from Let's Encrypt, +Manage issued certificates using a Kubernetes Third Party Resource, +Domain validation using ACME dns-01 challenges, +Support for multiple DNS providers, +Auto Renew Certificates, +Use issued Certificates with Ingress to Secure Communications. + + Voyager manages certificates objects to create Certificates default from Let's Encrypt. ### Core features of AppsCode Certificates: diff --git a/docs/user-guide/certificate/create.md b/docs/user-guide/certificate/create.md index 24c53fd59..1ff3fe73d 100644 --- a/docs/user-guide/certificate/create.md +++ b/docs/user-guide/certificate/create.md @@ -30,6 +30,17 @@ data: ACME_EMAIL: test@appscode.com ``` +Create ACME User Secret with key ACME_EMAIL. +```yaml +kind: Secret +metadata: + name: test-user-secret + namespace: default +data: + ACME_EMAIL: test@appscode.com + ACME_SERVER_URL: https://acme-staging.api.letsencrypt.org/directory +``` + Create the Certificate resource. ```yaml apiVersion: voyager.appscode.com/v1beta1 diff --git a/docs/user-guide/certificate/provider.md b/docs/user-guide/certificate/provider.md index 33315e930..95b752923 100644 --- a/docs/user-guide/certificate/provider.md +++ b/docs/user-guide/certificate/provider.md @@ -1,14 +1,16 @@ -# Configuring your challenge provider(s) +# Let's Encrypt Challenge Providers + +## http-01 +HTTP Provider will requires an running [Ingress](/docs/user-guide/ingress) reference to resolve with. +Reference an Ingress name for http provider. Ingress IP should be setted as domain A record in its provider. +Read how to create certificate using [HTTP Provider](/docs/user-guide/certificate/create.md#create-certificate-with-http-provider) + ## DNS Providers Voyager uses kubernetes secret within the pod to fetch credentials required for various DNS providers. Making those correctly accessible to Voyager will require specifying the secret name inside an certificate objects. The Secret will need the Key name exactly provided. -### HTTP (beta) -HTTP Provider will requires an running [Ingress](/docs/user-guide/ingress) reference to resolve with. -Reference an Ingress name for http provider. Ingress IP should be setted as domain A record in its provider. -Read how to create certificate using [HTTP Provider](/docs/user-guide/certificate/create.md#create-certificate-with-http-provider) ### Cloudflare `CLOUDFLARE_EMAIL`: The email of the cloudflare user