Skip to content

Securing a web site with LetsEncrypt

LetsEncrypt is a popular way to obtain a self-renewing web certificate to secure a web site. With LetsEncrypt, automated routines handle the tedious validation, renewal, and installation of updated certificates. Plus, it's free.

However, the standard LetsEncrypt process assumes that web certificates are stored and accessed via a conventional file system, whereas in a Kubernetes-based systems like Rancher, web certificates are stored as secrets and referenced by ingress controllers.

This slide deck (PDF) describes NERSC user Chris Harris's process for implementing LetsEncrypt in a Rancher environment.

This video (MP4) shows Chris demonstrating the approach for NERSC staff.