Channels
academy
amazon
arm
azure
cabpr
chinese
ci-cd
danish
deutsch
developer
elemental
epinio
espanol
events
extensions
fleet
français
gcp
general
harvester
harvester-dev
hobbyfarm
hypper
japanese
k3d
k3os
k3s
k3s-contributor
kim
kubernetes
kubewarden
lima
logging
longhorn-dev
longhorn-storage
masterclass
mesos
mexico
nederlands
neuvector-security
office-hours
one-point-x
onlinemeetup
onlinetraining
opni
os
ozt
phillydotnet
portugues
rancher-desktop
rancher-extensions
rancher-setup
rancher-wrangler
random
rfed_ara
rio
rke
rke2
russian
s3gw
service-mesh
storage
submariner
supermicro-sixsq
swarm
terraform-controller
terraform-provider-rancher2
terraform-provider-rke
theranchcast
training-0110
training-0124
training-0131
training-0207
training-0214
training-1220
ukranian
v16-v21-migration
vsphere
windows
Title
p
polite-breakfast-84569
09/19/2022, 2:41 PMHi everyone, I have installer Rancher 2.6.8 recently. I setup my SSL with lets encrypt but no ingress. I created manually a certificate as follows:
apiVersion: <http://cert-manager.io/v1|cert-manager.io/v1>
kind: Certificate
metadata:
name: <http://rancher.sand.example.com|rancher.sand.example.com>
namespace: istio-system
spec:
privateKey:
rotationPolicy: Always
secretName: <http://rancher.sand.example.com|rancher.sand.example.com>
commonName: <http://rancher.sand.example.com|rancher.sand.example.com>
issuerRef:
name: letsencrypt-prod-istio
kind: ClusterIssuer
dnsNames:
- <http://rancher.sand.example.com|rancher.sand.example.com>apiVersion: <http://networking.istio.io/v1beta1|networking.istio.io/v1beta1>
kind: Gateway
metadata:
name: rancher
namespace: cattle-system
spec:
selector:
app: istio-ingressgateway
servers:
- port:
number: 443
name: https
protocol: HTTPS
hosts:
- <http://rancher.sand.example.com|rancher.sand.example.com>
tls:
mode: SIMPLE
credentialName: <http://rancher.sand.example.com|rancher.sand.example.com>
---
apiVersion: <http://networking.istio.io/v1beta1|networking.istio.io/v1beta1>
kind: VirtualService
metadata:
name: rancher
namespace: cattle-system
spec:
gateways:
- rancher
hosts:
- <http://rancher.sand.example.com|rancher.sand.example.com>
http:
- name: "http"
route:
- destination:
host: rancher.cattle-system.svc.cluster.local
port:
number: 80kubectl execkubectl port-forward$ kubectl exec -v=7 -it myPod -- bash
I0919 16:30:52.730382 61542 round_trippers.go:457] Response Status: 403 Forbidden in 78 milliseconds
I0919 16:30:52.730998 61542 helpers.go:216] server response object: [{
"metadata": {}
}]
F0919 16:30:52.731059 61542 helpers.go:115] Error from server: