Manually Renew A Let’s Encrypt Certificate from Kubernetes

I work with a series of Kubernetes clusters that are restricted to public access, but still are encrypted using Let’s Encrypt certificates. Normally, when renewal is requied, this process is automatically done for you.

In the case above, I have to kick off the renewal process directly. This can be done easily with deleting the TLS secret generated for the certificate. This can be done through the UI:

Or via CLI:

kubectl delete secret tls-secret

Once this is done, the cert should automatically attempt a renewal. You can check the status of this with:

kubectl describe certificate tls-secret --namespace ingress-nginx

You should see the following:

Leave a Reply

Your email address will not be published. Required fields are marked *