Cert-manager additional certificate output formats config through helm
This is just a quick note on how to do the configuration.
According to the reference of this feature, one need to enable the feature with feature gates on both controller and webhook.
The first trial I did is doing this:
helm install cert-manager jetstack/cert-manager --namespace cert-manager --version v1.7.1 --create-namespace --set installCRDs=true --set featureGates="AdditionalCertificateOutputFormats=true"I got this by reviewing the artifact hub (referred from installation page) and see the matching key called featureGates.
This DOES NOT work, because this featureGate only added the config to controller, but not the webhook component.
Solution
one would need to set the webhook with extraArgs as follow:
helm install cert-manager jetstack/cert-manager --namespace cert-manager --version v1.7.1 --create-namespace --set installCRDs=true --set featureGates="AdditionalCertificateOutputFormats=true" --set webhook.extraArgs={--feature-gates="AdditionalCertificateOutputFormats=true"}This is being found by reading github source code of the official install.sh file as below (which show their complete helm upgrade command)
Better option
I think the better option is to prepare a values.yaml for the helm install to use (helm install …. -f values.yaml)
The official values.yaml actually indicated those configurations:
Outcome
I am currently feeling a bit disappointed with this feature “additional certificate output formats”, I used to anticipate the result of the combined pem is combing the ca.crt and the tls.crt, but ended up it’s a combine of tls.key and tls.crt…
Anyway, there would be use case for this one.
Hope the article help someone else.
