ECC和RSA多证书

Tengine-Ingress支持域名同时使用ECC和RSA双证书,默认原生系统只能使用单张证书,Tengine-Ingress扩展标准ingress规范,在兼容单证书的场景下,满足ECC和RSA双证书同时动态生效的应用场景,且可以继续扩展为ECC,RSA和国密的三证书复杂场景。

tls:
- hosts:
  - {host1}
  secretName: {secret name1}
- hosts:
  - {host1}
  secretName: {secret name2}

示例

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: alibaba-ingress-tao
    nginx.ingress.kubernetes.io/proxy-read-timeout: "60"
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
  name: alibaba-tao-tengine-taobao-org-ingress
  namespace: alibaba-ingress-tao
spec:
  rules:
  - host: tengine.taobao.org
    http:
      paths:
      - backend:
          service:
            name: tengine-taobao-org-service
            port:
              number: 80
        path: /
        pathType: ImplementationSpecific
  tls:
  - hosts:
    - tengine.taobao.org
    secretName: alibaba-taobao-ecc
  - hosts:
    - tengine.taobao.org
    secretName: alibaba-taobao-rsa
© 2011-2023 Alibaba Group. All rights reserved. Designed by Aliyun UED AX, Proudly powered by Tengine-Ingress on Aliyun.