3.4.6 Create a Kubernetes Secret with SSL Details for Istio

To enable access to Istio using the HTTPS protocol, you must create a Kubernetes secret that contains details of an SSL key and certificate. MicroTx uses this information to access Istio using HTTPS.

Before you begin, ensure that you have installed Istio in the Kubernetes cluster. See Install the Required Software for Kubernetes.

To create Kubernetes secret with the details of the SSL certificates:

1. Identify the location of the SSL certificates that you want to use.
2. Import the SSL certificates to the Kubernetes namespace where you have installed Istio. Run the following command to create a Kubernetes secret with details of the SSL certificate.

   Syntax

   kubectl create secret tls tls-credential --key=ssl-key-file-path --cert=ssl-cert-file-path -n istio-system

   Example

   kubectl create secret tls tls-credential --key=~/certificates/example.dev.key --cert=~/certificates/example.dev.crt -n istio-system

   Where,

   • tls is the type of the secret.
   • tls-credential is the name of the Kubernetes secret that you want to create.
   • ssl-key-file-path is the location of the SSL certificate key file.
   • ssl-cert-file-path is the location of the SSL certificate file.
   • istio-system is the namespace in which you have installed Istio. The default namespace is istio-system. If you have installed Istio in another namespace, run the kubectl get ns command to find all the namespaces in the cluster.

Note down the name of the Kubernetes secret as you will need to provide this detail in the values.yaml file to install MicroTx.