Anyone use letsencrypt to issue and automatically update harvester installation ssl certs? if so, you have a link to some docs?

When you say installation ssl certs, what do you mean?

Yeah. I actually figured it out 😃 Thanks tho

fwiw Here's my steps for that (in case someone else has the same question later): • Enable the built in RancherUI - Under Admin Account > Preferences > Enable Extension developer features • Install Cert manager - Installing the crds with the helm chart. (via the built-in Rancher UI now visible under Support) • Create a cluster Issuer object for certmanager that gets you LE certs. . • Edit the default Ingress (called rancher-expose in the cattle-system namespace to have the FQDN and Letsencrypt Annotations. It should look something like this:

apiVersion: <http://networking.k8s.io/v1|networking.k8s.io/v1> 
kind: Ingress 
metadata: 
  annotations: 
    <http://acme.cert-manager.io/http01-edit-in-place|acme.cert-manager.io/http01-edit-in-place>: 'true' 
    <http://cert-manager.io/cluster-issuer|cert-manager.io/cluster-issuer>: letsencrypt-issuer 
    <http://kubectl.kubernetes.io/last-applied-configuration|kubectl.kubernetes.io/last-applied-configuration>: > 
     {"apiVersion":"<http://networking.k8s.io/v1|networking.k8s.io/v1>","kind":"Ingress","metadata":{"annotations":{},"name":"rancher-expose","namespace":"cattle-system"},"spec":{"rules":[{"http":{"paths":[{"backend":{"service":{"name":"rancher","port":{"number":80}}},"path":"/","pathType":"Prefix"}]}}]}} 
spec: 
  rules: 
   - host: <http://harvester.example.edu|harvester.example.edu> 
      http: 
        paths: 
         - backend: 
              service: 
                name: rancher 
                port: 
                  number: 80 
            path: / 
            pathType: Prefix 
  tls: 
   - hosts: 
       - <http://harvester.example.edu|harvester.example.edu>
      secretName: harvester-certmanager