How to use TLS/SSL certificate with Nginx ingress controller in Kubernetes

Hello Folk’s, In this tutorial I am going to explain to you how you can use TLS/SSL certificate for your applications and microservices deployed in Kubernetes.

What do you need?

Valid SSL certificate and its private key.

Kubernetes cluster with Nginx ingress controller installed.

Got stuck due to Nginx ingress controller?

You can set up the ingress controller with the following command. This install will Nginx ingress controller in your Kubernetes cluster.

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.44.0/deploy/static/provider/cloud/deploy.yaml

If your private is encrypted with a passphrase then you need to decrypt this first for that you can use the following command

openssl rsa -in private-encrypted.key -out out.key -passin pass:password123

What next?

Now after done with all the above prerequisites we need to create the following resources in Kubernetes.

Secrets (which will store the certificate and private key)

ingress (which configure tls for ingress controller and rules)

How to create secrets?

kubectl create secret tls aks-ingress-tls --cert=certificate.crt --key=out.key

Create ingress

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: tls-example-ingress
spec:
  tls:
  - hosts:
      - yourhostname.com
    secretName: aks-ingress-tls
  rules:
  - host: subdomain.yourhostname.com
    http:
      paths:
      - backend:
          serviceName: api-service
          servicePort: 80
        path: /(.*)

Note :- You need to create A record in DNS zone for your subdomain.