mirror of https://github.com/istio/istio.io.git
644815184f
* recommit #1590 to release-0.8 With the following changes: 1. Title: Securing Gateways with HTTPS 2. Added a step for redeploying istio-ingressgateway in Istio-0.8.0 1. For Istio 0.8.0, redeploy `istio-ingressgateway` with a volume to contain the [CA](https://en.wikipedia.org/wiki/Certificate_authority) certificate that the server will use to verify its clients. ```command $ kubectl apply -f <(helm template install/kubernetes/helm/istio --name istio --namespace istio-system -x charts/ingressgateway/templates/deployment.yaml --set ingressgateway.deployment.secretVolumes[0].name=ingressgateway-certs,ingressgateway.deployment.secretVolumes[0].secretName=istio-ingressgateway-certs,ingressgateway.deployment.secretVolumes[0].mountPath=/etc/istio/ingressgateway-certs,ingressgateway.deployment.secretVolumes[1].name=ingressgateway-ca-certs,ingressgateway.deployment.secretVolumes[1].secretName=istio-ingressgateway-ca-certs,ingressgateway.deployment.secretVolumes[1].mountPath=/etc/istio/ingressgateway-ca-certs) deployment "istio-ingressgateway" configured ``` 1. Create a Kubernetes `Secret` to hold the [CA](https://en.wikipedia.org/wiki/Certificate_authority) certificate, namely `istio-ingressgateway-ca-certs` in namespace `istio-system`. The Istio gateway will automatically load the secret. * add LibreSSL and macOS to .spelling * rephrase the reference to the ingress task * remove redundant trailing space * fix the ingress links and the ingress port in endpoints guide * fix a link to VirtualService gateways * update links in FAQ about secure ingress |
||
|---|---|---|
| .. | ||
| accessing-control-services.md | ||
| auth-mix-and-match.md | ||
| cert-lifetime-config.md | ||
| does-istio-support-authorization.md | ||
| enabling-disabling-mtls.md | ||
| https-overlay.md | ||
| index.md | ||
| istio-to-not-istio.md | ||
| k8s-api-server.md | ||
| k8s-health-checks.md | ||
| secret-encryption.md | ||
| secure-ingress.md | ||
| use-k8s-secrets.md | ||