Adding SSL to an AKS Ingress Controller (without using Let’s Encrypt)

August 12, 2019

I wrote about the ability to add HTTPS to an AKS cluster using Let’s Encrypt, but recently ran into a case where I needed to add a cert from a specific CA to the cluster.

To do this, you need the following:

An AKS cluster deployed in an Azure tenant.
A certificate (should start with —–BEGIN CERTIFICATE—–)
A private key associated to the certificate above (used when creating the CSR for the cert, and will start with —–BEGIN RSA PRIVATE KEY—–)

Import the cert into the cluster:

After the cert imported, create an ingress controller:

Afterwards, check to ensure your cert is coming through using the endpoint defined in the Ingress Controller.