Create certificate for gitlab.net domains using cloudflare-issuer (!74) · Merge requests · GitLab.com / GitLab Infrastructure Team / Kubernetes Management / Tenants / Reliability

Marcel Chacon requested to merge mchacon-cloudflare-ssl-san into main Nov 08, 2023

What

Configure an additional host in istio-gateway to handle traffic for *.gitlab.net domain while terminating SSL with a different certificate generated by cert-manager using the cloudflare-issuer.

Why

The gitlab-combined issuer doesn't have access to add verification records in Cloudflare. We need to use the cloudflare-issuer instead.

Istio Docs Reference

Edited Nov 08, 2023 by Marcel Chacon

Create certificate for gitlab.net domains using cloudflare-issuer

What

Why

Merge request reports