skip to Main Content

My team inherited a 3rd party Azure software product from another company. It was migrated or moved over by someone external, and the website had been working, until The cert for our dev site in Azure has expired..

but I’m not seeing the SSL cert anywhere in places recommended online to store certs. We’re looking to find the cert and then renew it as well. The website is set up to only allow https access.

It was issued by Let’s Encrypt, and there are helpful articles out there to auto renew; I just don’t know where the cert is located yet. Hoping someone can help give options, maybe a different keyword other than (SSL or Cert) to find it on a global level in Azure.

The usual places for certs that I know of but are EMPTY are:
Azure Key Vault > Cert.
App Services Cert
Application Gateway
App Services (This resource type is not even used)

I’ve also looked under Settings/Properties for our AKS resource, Azure Load Balancer, and in various YAML files for these. Not seeing anything cert related there.

I expected there to be a cert in a Key Vault and to then update/configure that to auto renew so that it’s a hands-off approach.

2

Answers


  1. This cert might be configured in your ingress by allowing SSL termination at ingress level. You better describe your ingress resources and check if there is any config as,

    TLS:
      <name>
    

    If it is there, probably there needs to be a k8s secret with the name <name> which hold the cerificates.

    Login or Signup to reply.
  2. To extend the answer of Sahan, usually ssl termination is handled at ingress level. So if you are using any third part certificate authority, your certificates must be imported as secret inside k8s cluster. You can view your secrets

    kubectl get secrets
    

    If you find any secrets that match with your ingress object specified by Sahan, then this is the location of certificates.

    spec:
      tls:
        - hosts:
            - yourdomain.com
          secretName: name_of_secret_returned_from_above_command
      rules:
        - host: yourdomain.com
          http:
            paths:
              - path: /
                pathType: Prefix
                backend:
                  service:
                    name: your_web_service
                    port:
                      number: 80
    

    If you are using letsencrypt, then this is the guide that can help you

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search