TLS Certificates Store
In Traefik Hub API Gateway, certificates are grouped together in certificates stores.
Note that, any store definition other than the default one (named default) will be ignored,
and there is therefore only one globally available TLS store.
Configuration Example
- TLSStore
- TLS Certificate #1
- TLS Certificate #2
- Static configuration
apiVersion: traefik.io/v1alpha1
kind: TLSStore
metadata:
name: default # Only the store with the name default is taken into account
namespace: traefik
spec:
certificates:
- secretName: secret-tls-01
- secretName: secret-tls-02
defaultGeneratedCert:
# Use the certificate resolver myresolver (defined in the static configuration) to generate the default certificate
resolver: myresolver
domain:
main: whoami-default.localhost
sans:
- \*.whoami-default.localhost
Domain: whoami.localhost
apiVersion: v1
kind: Secret
metadata:
name: secret-tls-01
namespace: traefik
type: kubernetes.io/tls
data:
# Self-signed certificate for the whoami.localhost domain.
tls.crt: |
LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZWakNDQXo2Z0F3SUJBZ0lVWHEyUFUvNWtidkNSaThBd0pHR3VXa3dHcnFVd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1JERUxNQWtHQTFVRUJoTUNSbEl4RFRBTEJnTlZCQWNNQkV4NWIyNHhGVEFUQmdOVkJBb01ERlJ5WVdWbQphV3NnVEdGaWN6RVBNQTBHQTFVRUF3d0dWMmh2WVcxcE1DQVhEVEkwTURjeE9EQTNNVFV5TUZvWUR6SXhNalF3Ck5qSTBNRGN4TlRJd1dqQkVNUXN3Q1FZRFZRUUdFd0pHVWpFTk1Bc0dBMVVFQnd3RVRIbHZiakVWTUJNR0ExVUUKQ2d3TVZISmhaV1pwYXlCTVlXSnpNUTh3RFFZRFZRUUREQVpYYUc5aGJXa3dnZ0lpTUEwR0NTcUdTSWIzRFFFQgpBUVVBQTRJQ0R3QXdnZ0lLQW9JQ0FRQzgwcVlLcmc3OHNmWENBUFd6b3NTbjBhVlFaSW5WWTFGU2UrbXhOb3RuClV4YU5BUWNPc0RocU5SNi9lWWdoNjI2Mnl2QkxJa0t5dFlSMHJ4QlpzK3FFWndudTZXKy90UFlKS1Rqekg3N0YKNFM1S2NUYWxoWnFqRzlIZEs3RWhEVlkrajN5MGgxWmVBNlZkYVNkSkQ1REtxNm9jdGtJMXVybGF0L1hnbzRQLwoxZGhwc0Q0WGpWS3Y0VnNzeFlJWUtDUTBEclZWMG0vMWlUUHRYUTFnbkkyVVlTTFFkZkp0blljR1lqTWU1VHJwClE0UE83QW0wMWwvT05UTGRvZW9EdmhjbGp3UFFubVcyQk53Q3NNMjdSSVhYKzBwQWh2Vloxb3BMZGpvclppWUEKR1B2T2NrYlhRWUdKMGRralRka042ci9yWFpLbldrWVc0U1d6TkpFeU5YTXUrbU8ycmNJdXVzeGJFWk5rNUllMAoyMU1Cb2NDOEgyejR1Vm1MMTV1SUZFYzI5OTE0L242bEdSczJLSnVQcURmK1R3TkpSRkJCZEhpdHR1bXhvZ2FOCkRkQkZoeENLdzNPNGFvc1RhOHRSMW1yNDV2RFl2RU95QmFoMFlXUmE1d2RyTTlKeWtZQ2VwWWFnWDNiNjU5K1EKK2FPbmZyL1RlK3puUktUenBUeVdPS29wazV5UEkvbUllTFJuUVVlS1MvVzA3OTQ3QVJ6VEc0Q3dkZXhaMkQ3MgpBVDFiTlN3b2hSQ2t3QjQ3MjhGSk1lTG11anhXUzRsc29PTFZXNU9yWC82WEFMV2lJY3llTGh2SHQxTmVGVVhBCldnU1F4Q3UwamNpcTBmSG9VSXF4WFo5ek9yMG5pTmRFMWp5aFhuc0xuUmFiOVBxWHRhaXhESng0bW5VMGZQVFoKbHdJREFRQUJvejR3UERBYkJnTlZIUkVFRkRBU2doQjNhRzloYldrdWJHOWpZV3hvYjNOME1CMEdBMVVkRGdRVwpCQlFqQWJDV1VmNkhmVEhHdUJLTUI1eDZxZWo0a1RBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQWw1Z0ZQeDVMCkhYdHdEbGt0U1dXWTVCNUVJVG41T2o0Rm5IZ3hDd1VxZTlsSUgxcFhWVlhicTc2U0ljYmllR21YN1ZGUFowRjQKZGM4UTAxbWFJaC9tT25QSmxSMHpRL1JpcmpUb25RbXY2blN4azArckFJSmRBWTJuOU9ORTBsY2ZpR2pDMUtMNwpaSHBwb0UyalplbGhTSURVNjBlcXhNQzZJMkY0TytxQlg1QXVOUE5QYXE3OUg3cDg3TzZ1MkgxNTNjaWJteDdNCjJrUUU4b0JxaS95cGJJa2R4L2JlZURSZVk2MVJ0OHlNc0R6MmRuMGhxc0ZnYkt3ZFllMjJkSzRVTGg2dVdmb3EKaXlWM0hsOFFoZDF3L3MzZU5tYnd0S0czNTBvT2VHMHVXN0FOK201Q1A5ZlFzZzRHdzdQVjVMSmlqa3Y3c1p1MQpkTndxclVZdkdLd2RrdnRGbFBPNm5QSFVlOHdxOHNkY294WGh4YzBleFVIZmNhYkVXYXBUWHp2RjVucmczTnFpCnRmSmUzWVNWdW5YME5CRyt4MjBlbUdNN2RxNTFKczNkcmJwaXVpbTFhcmlQMnJqUm5qOVQwcWlpYkd4K2s5Z3UKUkFzZXN5bXVXRmpkQTVRWFYzNG1VM1RtWG5zTlRSSlRuNTNSdlJaNFJWaHJMN0kxYlZUOTBsRU53UDFibGtNSwpYblJMNjJ1UDVtTWd0REVKQ05sMmVOZy92NThXMkIyQzZzSHdNUit4dVFUOU45ZjlLU3hNWnc1YmtZdHM1N1p0CmExR2JQMWRWRmZpUUdQRDZBRWo5M2kwMVVlSUJCR3NKZm1ueGd3MVFOUWttRGZOZ08yUlkzTTZVUmJMZG55bkYKZzV2QVJVZU4wNWdPYmRFRHhmdS9VZ2kzaW02Wjg5T0dwMVk9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
tls.key: |
LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRUUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1Nzd2dna25BZ0VBQW9JQ0FRQzgwcVlLcmc3OHNmWEMKQVBXem9zU24wYVZRWkluVlkxRlNlK214Tm90blV4YU5BUWNPc0RocU5SNi9lWWdoNjI2Mnl2QkxJa0t5dFlSMApyeEJacytxRVp3bnU2VysvdFBZSktUanpINzdGNFM1S2NUYWxoWnFqRzlIZEs3RWhEVlkrajN5MGgxWmVBNlZkCmFTZEpENURLcTZvY3RrSTF1cmxhdC9YZ280UC8xZGhwc0Q0WGpWS3Y0VnNzeFlJWUtDUTBEclZWMG0vMWlUUHQKWFExZ25JMlVZU0xRZGZKdG5ZY0dZak1lNVRycFE0UE83QW0wMWwvT05UTGRvZW9EdmhjbGp3UFFubVcyQk53QwpzTTI3UklYWCswcEFodlZaMW9wTGRqb3JaaVlBR1B2T2NrYlhRWUdKMGRralRka042ci9yWFpLbldrWVc0U1d6Ck5KRXlOWE11K21PMnJjSXV1c3hiRVpOazVJZTAyMU1Cb2NDOEgyejR1Vm1MMTV1SUZFYzI5OTE0L242bEdSczIKS0p1UHFEZitUd05KUkZCQmRIaXR0dW14b2dhTkRkQkZoeENLdzNPNGFvc1RhOHRSMW1yNDV2RFl2RU95QmFoMApZV1JhNXdkck05SnlrWUNlcFlhZ1gzYjY1OStRK2FPbmZyL1RlK3puUktUenBUeVdPS29wazV5UEkvbUllTFJuClFVZUtTL1cwNzk0N0FSelRHNEN3ZGV4WjJENzJBVDFiTlN3b2hSQ2t3QjQ3MjhGSk1lTG11anhXUzRsc29PTFYKVzVPclgvNlhBTFdpSWN5ZUxodkh0MU5lRlVYQVdnU1F4Q3UwamNpcTBmSG9VSXF4WFo5ek9yMG5pTmRFMWp5aApYbnNMblJhYjlQcVh0YWl4REp4NG1uVTBmUFRabHdJREFRQUJBb0lDQUJva2lXdjdIZ1RBZ3QwaHZZMlVkZWtpClErTExPTERSb21YQUt1SjlRY25FSFlyWGllbWFYbHFJdTViRHRjOEp4ZmRnUmtBR0lLUHJobk9Tb0E4N1hneUgKZmo3cUZRTVVMcEw2eThhNjJNZnBpR1l5eklwdGpWNW9oZmc2MzJMMXgydG1wRnUrVFNmbWExUEdoa2pvU0hkaApxRzRoNXkyQjM3M1VCYzB4OW5SS1lEOHB4cFJZM2JUazNQY1M2cjNRemtwaTFacHA4S21zY3dNUEdoWUw0WHp2ClYwbWVFRHJscE5jdWEyalYrMVVSSXU1WU54NThKbmJxQ0trdmpMTXpTTE1nM09TdnVZeW5tWlVmSGl6VkFqbWQKWE1kdHFBbmwyVVNLRVpNR3FURGtSS0RDL2xTT2lPZlMrbDd0Ui9yKzljN0VLQ29zSm40WkhWdDFaaER2TTR0MQpod0tDMXhxN0I0ZFZ5ZFpwYWdva2E1QUUrVndXUHFrdDBCT0NhK1RrV1JXMGZJbnNvUUpyVTVZalNLV0ZCeTRLCjhPczg5UnZ5UGVYUVlzOTlqWkRObW9XajZXTU1XRjk4UTZ5ZFVUZ1hZZmZGdE14a2x0M3ZBRW04VTZFdWpobk8KeTJvd3dYeWsvMk54L3JpNVMvTmNmbjdockxVbElFSWZJOG5tbGRjYkp1dXIyWkN1eGtTOG5QZ3FLU3pBV0xCLwo5Y3N0VXVCMC9RQisyek9VRU9TemJsY1poQXJkSWtxelVqdUF4aklScFBZM2VGRkZ2UXZkYkd3UFFBazBkRlBXClY3QW1GQkNuNlhwQVdHV2NpcEw3L0lxOFhIQ3dSd2o4ekt4Mkd6ZzlxUDBGZnBaYTAwM3Z0L1JYOC9JU3ZONGQKWkt5ME95UEY4TVRPUkJQdkltVXBBb0lCQVFEck56SDdXVDZNMlNNY2dFa1JpdVZQNnRRMHRhQXg5YlJVR1VRRgphWFVoUWxzNmV3V2R5a1FjVk0yanVoRkRENjkvY1dxek4xeFZmU24zN3dUOVhOZVZiVUNNaGluMlcwWldYdnUyCmllQkNTYUdyWVhQQXFRcExsTlVqWElzMkorRldsZWpiYjg3RGRUTmhQYmVFS2hHbXU0eDdTSkhvRnk0QlBDS3AKV1h5THdMcERYbWtxVXlYS3JpbWZVbFp5aWQ1OVZKNUdOR1ZYYVRnZ3kwajcrQmt1OVJJemliUE1wSkxDUHI0cApxQVRORjR4dTNEeXJQaDRaRStSMGFFd2ZxTzNUclJ6VVJKY2JxYVVqeHoxTHNDcVVielVzNFhnTVo4c012bUhFCmxuZmh2dzlmcWRWeU90RVpHSlBpMWxQOUFNN2dWdXo3VE5WVmNzKytrVEIwblpPVEFvSUJBUUROZ2dFVFlaWXEKU3pjMGxubDhaWjRjWlNWdEo2czV6TW9Ia00xZXF5K1BkRU02eVdpMVZBVFo5WnNVMHFaSjhKekZUNEdVR3pZVApFa1dmQ3UzSmtJcXhuUW5SdEpZd1RSWmdWYllCUDZ4cVFCUm5iMUtDeHZIdW4yMXJNS1p0bXEyTVAzM0tkcmVrCnRrL1VDaTdOY1k4NVJpWTgyclJZWitRU0gzcVh6OHJLYWJ4dGJYd29hMyswbG0xdW0rc3M1dWpMeS93L2syUFoKR1FsT2xUQ1gxaG1KZ2xmUUtiTm41WHBLQmU2aVdzcnl6NWF5WUpQZFE1UDZtZDMvOHBXUk9mNTBzeGhidDNzWQpsN1g2WjZzRVBvOUxpNDZFNDhxci9SVzRIcWkxeG9KRXpCcW9Bcm5Za2VEMlM0cFpaTHB5T3dBRWVESlF1MW42Clk3KzlOMnNzMld4dEFvSUJBQ21FcEozcE10Rkp3cGpWVEJCOG85MW5aZTJuNFk3di85U1lZUmxUZEFsYTNSK0YKZDRoU201TWtwT2V4Z0RxR0drUTBrTkR4aEtyU1hRWVdlcHIrT0U5MzZWemtrYU9hbU4vR0JFaEVMZ0dGWGJRUwpqNHdDU243czFuSlhjM3NycnVySnEwQ1FpNzZVZ1cwNHA1djhrUUVOT2M3SkVIZ1hIMWU0ZGFYTzFkMFZOOHVNCmJxTzU2WUhOSEN1ekxPOHF4c3I0bExkdnFETzFydUthLzFiNmcvZDE2ckNPTGQ2QmJpWTdUUFd0WXF1UTdJamsKOXhDQzltMFd4Y3lHWEdsNk9BQ1ZIZkdaNmRKSUw0NFJMUkNmRitUN2ZEZGYxUURia1V1K2p5TlVLL1Q4OUltKwpRSjdaSXU5N0Z4K0RGWEFqSkdFVTl0K2t3RU5FOE1hQ2Vqc2JWV0VDZ2dFQU02b25VeFFKaUlCNFZJUXY3cEl0CmViNEQ5cmt1VnMyaFROMmVnOXBOanFjUDc4dUt3MnRuL05PK05USHdGRTZsV3dWdDhpb1ZJaDVKMm40STRjK3cKem81SVZhd3N4ZC9iYkVTZ0NSaFU1REZQNytFUXdVZjZzcDdxQnpTbjRvNHNhMEhiQWZkdW03NHB1NGtEMHlwbApjMlNyWUVrclpiNVluQ1hGMER5eElzb0tVUWhoV2xnTU52NUtiTEJPSTIrNXZ1SjlmQTQxMy9KbllKWXBMVUxxCkVLUHdKNmtVTFY2SHEreHAzZTh0Ym5XNTBRWnVwZ1hEUWhGRXVuL21FaWllVEFCcWMwUmhjZ0ZTQXEzbFZKL1YKcm94YlBCVjRjbHlpQlRQUC9rTDFwUTRhOVhvWjl0UlYxaFdQcG9Hb1RlZC9UYUJhSmVtejZUc0NqVE5OZ216MgowUUtDQVFBWStIbWJaOVQxQUd6STlaeHptaGFXaDJHSXhaR3RyK2dqUVlMd0J4eGhNRzZ4ZmlNZ1RIL014cm1LCmpMYys2VGRHOHpoTWl4T0p1bFZSYUVOSUZ6Qk1YWFNJcVlSYzlqYmJvZlZWMlVCazVxWStsb1ZqRzJjS1RweU0KbGFrUElMYjZIV3prSVIzdDdXN0V0aG01dU9Dak53OGV4RElLZVNaWEphREpUOTJ1MGJZTm94clB0UmF4VEFqKwpIUnJqeWwzUXU1bGpKUWJidnA4VjB0em1udkNwMmNmczZnZGxoY0FuN2RDWG5GQW04R0liUUtnalNzaTRpTUNaCjljNDhzTExOdXA4N0Fwb3A3SFFZOGduN0E0NGxEYnJLdzJ0UFhuLy9FRGFCWmFFT2JmdXR6S2ZNYjFwWDRoTmQKR3RoR3Y5eTB6UFNBY3JNMjIvbkdTR1djTm5JYgotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg==
Domain: whoami02.localhost
apiVersion: v1
kind: Secret
metadata:
name: secret-tls-02
namespace: traefik
type: kubernetes.io/tls
data:
# Self-signed certificate for the whoami02.localhost domain.
tls.crt: |
LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZXRENDQTBDZ0F3SUJBZ0lVTGhPSWl6Mm5CYndYQ1R2TllLVHNaRFZ0M1VVd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1JERUxNQWtHQTFVRUJoTUNSbEl4RFRBTEJnTlZCQWNNQkV4NWIyNHhGVEFUQmdOVkJBb01ERlJ5WVdWbQphV3NnVEdGaWN6RVBNQTBHQTFVRUF3d0dWMmh2WVcxcE1DQVhEVEkwTURjeE9EQTNORGd6TmxvWUR6SXhNalF3Ck5qSTBNRGMwT0RNMldqQkVNUXN3Q1FZRFZRUUdFd0pHVWpFTk1Bc0dBMVVFQnd3RVRIbHZiakVWTUJNR0ExVUUKQ2d3TVZISmhaV1pwYXlCTVlXSnpNUTh3RFFZRFZRUUREQVpYYUc5aGJXa3dnZ0lpTUEwR0NTcUdTSWIzRFFFQgpBUVVBQTRJQ0R3QXdnZ0lLQW9JQ0FRQ2tmNkg4NTJmTEZtV1hVMXp6bDVrZFFrNW5QOEpadFpjemYwWjBHMENVCkpsS2VDWlhlUkYzekxmNDQ5ZDMrWTBwbFhZbjBwZ2lOZ3huYXBJTVBpV2lyL1hvU2hCTTVqcFhmWHdvNmRsNm0KTEJVME0rdEtLbThZa0JjRkxHQWVFMXh1aGZ4VjNlYk0xTCtxaWpRdXpzZlJpWXJmVDlCT1JQVm1Mb3RIL3VNOApkTHQ2WmFvVy93VFdKUnhwSkkwZGpnMWV6cjAyeDdTdFJQdUZFaFlSK3FadjNieUFBNWRBNDhXc0s4bXBrdXZJCjF1ZFFtY2Nobko0eitWc09GRzBPT0R0cnNIVm1CZk8zZitIY3ZURVU2VnBrU2wyY21CdXpCZmFKVzJSZWVaa0QKM0dOZVdpODRXNnpwQUllOThSVDExU0ZrSG9DeFNMcXdxckROL29ZVTJCOWZFM3I0eG81T29VVVdvTE85MXcwdApKRTZoVkczcVhUR3Rock1EbVlsVHVnNGxGTVJDK1lHL1lCY0dOVWpjVHZxM0FDVUxZY0RvdWs4RjZlSXFLNE1oClJjcmp2TEJHSnJiVXFtZnhnK3U2Z081ZXNzMVFESHRqTytBenFTYU1FalQ5ZWJYaUN0elRKOUVDMEljSUJad08KZDAxTllOQkMyakFZVm1rRDZmUk8yWm5BRmtkODRESDVmanJaL2tIakNJYVUvNzFNWU1USkRGcExhSTR6dTJPYgp0QXMwYk1uUklSSklxcXFDcUo4cERtcTdjOUdFYXpCbXIrSjNjUXl3OXFwRWIreXU4akRFdUhHZFlHYk1sUTNtCnBnOUgxQjU4SGs1YllFSkg0eU1CdDhudmZuTVhybGpzVTZWMWtqWGorUU1kV1RBNm9pR2pXWmR0dUJwRitEZnoKNndJREFRQUJvMEF3UGpBZEJnTlZIUkVFRmpBVWdoSjNhRzloYldrd01pNXNiMk5oYkdodmMzUXdIUVlEVlIwTwpCQllFRlBWbXVqMC9xTm1JVEkwZDE0VmkzUU9DWDlWNk1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQ0FRQW40OTM5CklER0ltb3gzZldZREFsV1M4cUowYWFZZEFOYUg3ajZwTmllSDNLOEFyZk5Eelk0R0RsVlcvL0ZaS3dDckgxVFEKOEpuVGhNdWhQaFdLYTVzM1BXaHdtb1BraFdXRlBWUHpGeExlUlhNRzBqTnhZdHF5ZXpublgwaW9yeldQellmTAo5NFJtNWFQTzlueExZWXlnUi9WWnhBSGxSSzRldFNubmZ0UVBoWlcyd1pBc3g5Ykw5eUVIUC80Z2xmZzJzbzd3CjZua2h6M1BZbjhMQUVnTjhxdnVEcGo4dWg0aXR6a3Jpd1VWRnBVQUc2WmdEV0cwMjdXWWNHTG5QMmtOVjVnRVkKVFNOZFREaWV4RXphbkFIczBVTzVobDcvc1B6eGJ2QTlFOGJUc0hkeWdlWE5VbkRjbEtrNU1CdFhYdk5vN2lZagp6ckN1K1A0MTdNb01hUWVXYkNJNXo0ckY0dXBhdHFuU1ZHcVlGNEtBeStnNnNLZksrbER3TksrUkFQNHlkUDJjCm9meGdtUE95RmRJSnFVcElHZGthUkg1RWhJSThDRHhXSjVHY2RkQjJyaGViZ2Rmd3pLS1lNTnd3aGt1ODZTRFEKVW5QWlF5ZnY1TXNKSG4xaGplK1E4cHhiRVUwQ0t1UjRiblA4Yk9Yd0lnbEwzcExlMW1xbjN4OVZXYmFqRTZ6QQpNZTkzckQ4SlVDYTIzTnc5MzRaMDMxck9mbjUyZWgwd2t6dlhmNHBYTU9hOFc2bGtmOWFtejZxVkFsZWU1Vm5VCjhrdnZMMnZQMU9TOW9vR05nNVJzR1N5b3RjTW9qbnhtMFFUQ3lkYXBLS2JDMW1EeE5NU0NOWTZVdVZwU1AzY28KS0VHbGZoeFowa25kdVo2bzVrWkREN2NjS3AyRWU0RlRHWTc1c1E9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
tls.key: |
LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1N3d2dna29BZ0VBQW9JQ0FRQ2tmNkg4NTJmTEZtV1gKVTF6emw1a2RRazVuUDhKWnRaY3pmMFowRzBDVUpsS2VDWlhlUkYzekxmNDQ5ZDMrWTBwbFhZbjBwZ2lOZ3huYQpwSU1QaVdpci9Yb1NoQk01anBYZlh3bzZkbDZtTEJVME0rdEtLbThZa0JjRkxHQWVFMXh1aGZ4VjNlYk0xTCtxCmlqUXV6c2ZSaVlyZlQ5Qk9SUFZtTG90SC91TThkTHQ2WmFvVy93VFdKUnhwSkkwZGpnMWV6cjAyeDdTdFJQdUYKRWhZUitxWnYzYnlBQTVkQTQ4V3NLOG1wa3V2STF1ZFFtY2Nobko0eitWc09GRzBPT0R0cnNIVm1CZk8zZitIYwp2VEVVNlZwa1NsMmNtQnV6QmZhSlcyUmVlWmtEM0dOZVdpODRXNnpwQUllOThSVDExU0ZrSG9DeFNMcXdxckROCi9vWVUyQjlmRTNyNHhvNU9vVVVXb0xPOTF3MHRKRTZoVkczcVhUR3Rock1EbVlsVHVnNGxGTVJDK1lHL1lCY0cKTlVqY1R2cTNBQ1VMWWNEb3VrOEY2ZUlxSzRNaFJjcmp2TEJHSnJiVXFtZnhnK3U2Z081ZXNzMVFESHRqTytBegpxU2FNRWpUOWViWGlDdHpUSjlFQzBJY0lCWndPZDAxTllOQkMyakFZVm1rRDZmUk8yWm5BRmtkODRESDVmanJaCi9rSGpDSWFVLzcxTVlNVEpERnBMYUk0enUyT2J0QXMwYk1uUklSSklxcXFDcUo4cERtcTdjOUdFYXpCbXIrSjMKY1F5dzlxcEViK3l1OGpERXVIR2RZR2JNbFEzbXBnOUgxQjU4SGs1YllFSkg0eU1CdDhudmZuTVhybGpzVTZWMQpralhqK1FNZFdUQTZvaUdqV1pkdHVCcEYrRGZ6NndJREFRQUJBb0lDQUFsWFRCSUo2KzF1NEtiMnIyVVB1enliCm1zc25KamlrNUtpaWRoUTZ4ZkNEdXBaSjBnNVVrSWN5R2VrUElTT0ViT0dUcmJWTVJsa08xRVdEcVFPVldISEgKeTRwSW9MVFlnVzgxUE9YeitjenkzT05oZlY5eFNHeTdKZXQveVJkOEh2Z1J1TElCajAwYldhVHNBeW1UU1dwLwpKbmttMVp2VU02RXhUR3h5cjJHcitVZHFoWDJYenFVQVozd2EvTDVzWmhyM24yd0FiQ1NZc2JXdFFMNlZucVRrCmtRTXQ4UVZZeWMxTWtUK0ZYY2xDVnRGUFlpem84VnpmTUluOG8vSzJRNzJLUUNoaWR5UDQ2WkQ0MTFRcUtoMWUKMGJFR1BEQnV5c0NqQlhDTjlCL3hnRjBIdnYyeXl2OVNMZU1kMFFSaXJXbzdoekJLQW52c3ZXeDlJdzBFOXNiKwpmYmk2aWxyOWVLZjc0QXBHSGhHVWF6TjJIUkVFUEttMnFzZktTam1RQld0SGN2SVBhU1BPcXlQemtJMy96TUJyCm9YTEkxczBzTEFNaXBLVjExS0Y3eHUyY2JSM21kN3hjbTZmby8rcGMxWnNEZU9ycFBrUktNRENwUnBQOUhwUSsKdC9FMGg4ejlmQWMxUHNPM25FNWZQOEI3MlQ1NmZXTk1xeGhTV3dORkRoUmo1dGpXTXJBR2cxQk9DOEJnemtBSwplRkMxMXpSMEd2MEQxRjdvb2ZaRVlxdjUyMmt6UlR3SE9FSzIvWjZhWXBQL1ZQTSthQlk4N3h0WWV0dUJFWU5qCkhjRlB2dlF0U05DMEVFKytuVmlnSk9RNks0bWhBZVhDbUNtZGRYVTNLNURNSHpMOXp0c0I1aEd0SUt1L21pQTIKUGdqeXBadlROelY2UkRZZWl5eTlBb0lCQVFEY0ZtRmRQb3F0VkI4ZUZCZnJLZ2NCbW94alVvaHIxdG5FUnhvcAppdlNqMW55NXNUWFdaUjU1eWozYzd0WCtPUWo2WmZiNDVWTnZtUWpNbzdzVHRSd1g3Q2orc2c3Sm9Nelg5TzlnCmEwS3kzRU9INFN4OC96THdLamlIMjBLSzV1UTFCZk1CeVRjT2dvcXgzcXpnWGlxbHdwUm5IZEZyVjlqMjgvbWYKQXNEanREYXZFVzhleW42OGJWdldoVlFxZUo0ZVV3SWlpQVNLQkY2d3p3dXdON1dXazh3OFkweGVzWWo1WEhERwo0eVVrZGpTK2FKQzRkelZ5Y1d0cXkzRHFKWDdBYi9FaWttZFFHdlp0b2NiN3c5dm1vYVZ1TVpIKzhpQzVNL2dxCldrUDYvcXBrRmcwakR3andWZkhweVNuMnJ4NlJaeTZsRWQrQWkvME0rMUJKN09iZEFvSUJBUUMvVnltU0txK1IKbUw5WGJCU0dLSlFQM3NZZk1hbFRUSFFla01CbVUrTUszbEJaUlR1THFIWm1vVm5hNmVTNHlJc25meVZQNFpuNApxcStsaCtUY3RWWnRCbHdoM0JNQXFIWHVLNUc1Mm10d3FDVjdFUjhMTU5QWWhqZVFYMlBUc095UnJ5WGN6MmRSClZaTmdRQkxrQnhtdFNBUGhWSFJGaTd2WDh2NlJTc3pkSkkwNDVrYWtLc0huN0ZLd242djJIejIzOGU0eExGZFIKb3Y2My9zMy9mSFZQbFhGd2M0UVBGU204RmNVcUN5YXZ4LzQ4ak94ellVVDdMSEhUcmorSnY2aTNXcGVxekVtQwowcTR0OWtFQTZoQnNicjVzOVVsS0pUOTM1L0ptaXBQd1pyTzBHNjd6VHc5bFROeFpNSlFuOXUrV1Jqc0hLM1JvCmQraGw4S3dYeThWbkFvSUJBRXNHb2hoTVNxLzlua0g5clkyd0hRVlI3d3VveGZLbElrVkR5OHBmb1RmODFUWGsKRUN0TyswMmZRT21BelpoRlR5YzAvVFVwMEFDYUZhTFZLZC8wL0dlM1RONU9TclkzUjcxU3RRdVVaUDllRVBOUQpNbjlGNjlKdFFpb2w5NUFzVjUwdnN3Qm4zSW5vdkdrWU5LeWp6VHdHa2RwNUVydmFEWTlaNmoxbmplUFJ1bGFCCnhmU2tLUUlJOGFhMmV0T2puSnRQeHNtSXZxdGlBL21ZQ3k3K1BydmZGRjk5cGpvZG9Va0lWeldsbHpMUHpQa2YKNGozUC9YdE82TVJXSjk3WisxU1VsSW9waUdpSldIcFZET1VraG1FZnQ2cFI0YWdjV0VWcVR1MzVLWFYxdlJZegpZalVTV2dTNzk2U3Z1OHRwTlMxeUZEZVhXUzZVQ2lhVHdYSUIvVTBDZ2dFQkFJVXV0V2ZoUUYyV3RiQ3pNVUlFCm9ySzlQS2hmMTkxOFBPTTluRDVkcTQ1WUdoTlpKazVhanpkMm5lWExvZ0dnellOTGMvdzdLd0kwUkpoeWs3R3cKb3h5MkxaRC83MVlvN0JWQXpHbFNDRERkU1dGMUZHZWtzQUJwdytsQkRHcEFIeHAwa0dVM0ZGSS92NXBpWHdQTAprV3JVMHFhWU0ycHBEZklOV0hablcxdWVZcEkxYnZ3OEtzWTA3NFd6VG0yOVp5ZFBSWjJDb0xEWlJIVnI3WlVrCjJ6N3U1WXdCUysxM3JKb1hpU3B2b3BqK0d3K29nN2ozL3B6YVhjeWEzKzBRcys0VUo3ZWlCSlVEOG10Wm1mdDUKOEw2WkF3RXlacll1WVJRa0pjeU1MdGRKbFZJTFp1WkNwSk85UVM3dnFtQjYrRjlnT1J3UGVqSnhMQmt3d1lpNgp0SWNDZ2dFQWZUOEkxbENlK3lMMmtGc29vRi9kQml3bkNybkVuSXErQlJOR1hvMTJhMHZNQ1RKelRTQXZkYzAzCnlCVkNsVTl2bnFwaVRybXlKTHJvZkhMSDNkTDQyYndDNkpsS0d2QjMxcHNmUndWMFBaeTRBN0gwTjZHc0phVmUKeWtqT2Z5bU5vZzZRT0thQ2lFNGZ4alNHVGlhZXo1MmUzTWgwRWpzNUZtZkZCSU9UTWlXWWxSNEpwWnhzb0t1bQpRaTI2bzBySXlxMUVvdVFxdnViczIrY3VPZmhFK0lLUmFGRFc3ZGhnSnROamFDV09TMGRnc2RZeGgxUWpRQjhICkk2Zm9rK05wK2lOSE0zVGRNV00yRlNlM0ZORzdvL3ZHRWhhN2VmSlJITythZ1Vad29oQysyWC9oaFlkODN1VzIKOTNuRXpSVXJEeVE0RDhOV0ZmRXZoNTZzVzFVRnhnPT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=
YAML
certificatesResolvers:
myresolver:
distributedAcme:
email: "[email protected]"
storage:
kubernetes: {}
httpChallenge:
entryPoint: "web"
Configuration Options
| Field | Description | Default | Required |
|---|---|---|---|
name | Name of the TLS Store. Only the default store name is taken into account yet. | True | |
certificates | List of Kubernetes Secrets, each of them holding a key/certificate pair to add to the store. List item format: secretName: $secret_name | False | |
defaultCertificate.secretName | Kubernetes Secret served for connections without a SNI, or without a matching domain. If no default certificate is provided, Traefik will use the generated one. Do not use if the option defaultGeneratedCert is set. | False | |
defaultGeneratedCert.resolver | Name of the ACME resolver to use to generate the default certificate. Do not use if the option defaultCertificate is set. | False | |
defaultGeneratedCert.domain.main | Main domain used to generate the default certificate. Do not use if the option defaultCertificate is set. | False | |
defaultGeneratedCert.domain.sans | List of Subject Alternative Name used to generate the default certificate. Do not use if the option defaultCertificate is set. | False |
DefaultCertificate vs DefaultGeneratedCert
If both defaultCertificate and defaultGeneratedCert are set, the TLS certificate contained in defaultCertificate.secretName is served.
The ACME default certificate is not generated.