Keptn Certificate Manager
Keptn Cert Manager
The Lifecycle Toolkit includes a Mutating Webhook which requires TLS certificates to be mounted as a volume in its pod. In version 0.6.0 and later, the certificate creation is handled automatically by the klt-cert-manager.
The certificate is created as a secret in the
keptn-lifecycle-toolkit-system namespace with a renewal threshold of 12
If it expires, the klt-cert-manager
The Lifecycle Toolkit operator waits for a valid certificate to be ready.
The certificate is mounted on an empty dir volume in the operator.
When a certificate is left over from an older version, the webhook or the operator may generate errors because of an invalid certificate. To solve this, delete the certificate and restart the operator.