kubernetespostgresql

Enable TLS

Improve this page by contributing to our documentation.

TLS support can be enabled in the chart by specifying the tls. parameters while creating a release. The following parameters should be configured to properly enable the TLS support in the chart:

  • tls.enabled: Enable TLS support. Defaults to false
  • tls.certificatesSecret: Name of the secret that contains the certificates. No defaults.
  • tls.certFilename: Certificate filename. No defaults.
  • tls.certKeyFilename: Certificate key filename. No defaults.
  • tls.certCAFilename: CA Certificate filename. No defaults.

For example:

  • Create the secret with the certificate files:

      $ kubectl create secret generic certificates-tls-secret --from-file=./cert.pem --from-file=./cert.key --from-file=./ca.pem
    
  • Deploy the chart with the following parameters:

      tls.enabled="true"
      tls.certificatesSecret="certificates-tls-secret"
      tls.certFilename="cert.pem"
      tls.certKeyFilename="cert.key"
      tls.certCAFilename="ca.pem"