I've put in place a master and some slaves, I've also generated some TLS certificates manually, and trusted those certificates all around the system.
Now, I've installed an open source PKI, and I'd like to automatically manage the lifecycle of those certificates, is there an addon that helps in this case ?
The most popular way is to use cert-manager + Letsencrypt.
cert-manager is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources.
It will ensure certificates are valid and up to date periodically, and attempt to renew certificates at an appropriate time before expiry
Other ways can be found in appropriate topics:
