Creating an ingress certificate secret

An ingress certificate secret is a secret that holds Transport Layer Security (TLS) certificate to be used as identity for ingress or routes. The ingress or route URL presents the TLS certificate to the clients.

About this task

You can either create your own secret by obtaining the ingress certificate from the host where your application is exposed or by using the CertificateManager custom resource.
Important: All the required secrets including ingress certificate secret, JWT issuer secret must be created in the same namespace where the Operator is installed.


Create an ingress certificate secret by using CertificateManager, as shown in the following example. For more information, see Configuring CertificateManager custom resource.
kind: CertificateManager
  name: ingress-cert
  namespace: sip-operator
  expiryDays: 365
  hostName: 'sipservice-<namespace>.<ingress host>' or <'*.<ingress_host>'>
Note: Ensure that the <ingress_host> in hostName matches with the that is configured in common parameter of the SIPEnvironment.