CA Cluster Issuer Configuration

This guide assumes that you have already generated your root certificate and key.

The ca-clusterissuer needs only two values to function:

  • tls_crt - The base64-encoded root certificate.
  • tls_key - The base64-encoded key/secret.

These values must be supplied when installing the ca-clusterissuer into a supervisor. The format of the file can be seen in values.yml. We do not provide any defaults in this file; it exists only to demonstrate the structure. To generate a base64 version of your certificate and your key, you can run the following commands:

$ cat crt.pem | base64 -w0 # or cat crt.pem | base64 -b0 on BSD-based systems
$ cat key.pem | base64 -w0 # or cat key.pem | base64 -b0 on BSD-based systems

These values can then be copied into the vCenter text box when prompted.
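
A pre-flight check to run before pasting the values, as an added example that is not part of the original guide or the project's code. It assumes openssl is installed; the function names are hypothetical, and the labelled output lines are only for copying, not the values.yml layout.

```shell
#!/usr/bin/env bash
# Added example: verify the root certificate and key before encoding them
# for tls_crt / tls_key. Assumes openssl is on PATH.

# Single-line base64 that works on GNU and BSD alike: strip the newlines
# instead of relying on -w0 / -b0.
b64_oneline() { base64 < "$1" | tr -d '\n'; }

# Succeeds only if the certificate carries basicConstraints CA:TRUE.
is_ca_cert() {
  openssl x509 -in "$1" -noout -text | grep -q 'CA:TRUE'
}

# Succeeds only if the private key belongs to the certificate, by comparing
# the public key derived from each.
key_matches_cert() {
  cert_pub=$(openssl x509 -in "$1" -noout -pubkey) || return 1
  key_pub=$(openssl pkey -in "$2" -pubout) || return 1
  [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Run every check, then print the two encoded values.
preflight() {
  pf_crt=$1
  pf_key=$2
  openssl x509 -in "$pf_crt" -noout -checkend 0 >/dev/null ||
    { echo "certificate is expired or unreadable" >&2; return 1; }
  is_ca_cert "$pf_crt" ||
    { echo "certificate is not a CA certificate" >&2; return 1; }
  key_matches_cert "$pf_crt" "$pf_key" ||
    { echo "key does not match certificate" >&2; return 1; }
  printf 'tls_crt: %s\n' "$(b64_oneline "$pf_crt")"
  printf 'tls_key: %s\n' "$(b64_oneline "$pf_key")"
}

# Usage: ./preflight.sh crt.pem key.pem
if [ "$#" -eq 2 ]; then
  preflight "$1" "$2"
fi
```

The output contains the private key in an encoding that is trivially reversible, so treat the terminal scrollback and clipboard as you would key.pem itself.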

⚠️ Caution: CA issuers are generally for advanced users with a good idea of how to run a PKI. To be used safely in production, CA issuers introduce complex planning requirements around rotation, trust store distribution and disaster recovery.

For more information on CA issuers, visit the cert-manager CA documentation.