TLS Certificate Mgmt for CDN
Hello, I am new to cdn and an old school devops guy from the 2000s. I am currently hosting an web application that would benifet from a cdn. I am using a kubernetes cluster with traefik ingress controller. This is where I put my own tls certs. These are wild card certs.
The way I understand this relationship with CF cdn, is that we both have to use the same Certs at the origin and at the edge. What I am struggling with is how to share the certs. It looks like there are a few ways that this happens. It would seem the easiest is to allow CF to be the CA and look after the issuance and renewal of the certs. What I am struggling with is, how does the origin know the cert has been renewed and how do I get it? Is this all done with the api? is there a configurable webook that can be hit when the renewal happens? Thanks for the help.
The way I understand this relationship with CF cdn, is that we both have to use the same Certs at the origin and at the edge. What I am struggling with is how to share the certs. It looks like there are a few ways that this happens. It would seem the easiest is to allow CF to be the CA and look after the issuance and renewal of the certs. What I am struggling with is, how does the origin know the cert has been renewed and how do I get it? Is this all done with the api? is there a configurable webook that can be hit when the renewal happens? Thanks for the help.
0 Replies