Providing certificates to linkerd and linkerd-viz

75 Views Asked by jjangga At 08 November 2025 at 20:16

I am using linkerd-viz and linkerd-control-plane helm charts.

The former has tap.caBundle, tap.crtPEM, tap.keyPEM, tapInjector.caBundle, tapInjector.crtPEM, tapInjector.keyPEM values.

The latter has identityTrustAnchorsPEM, identity.issuer.tls.crtPEM, identity.issuer.tls.keyPEM values.

Can I set

tap.caBundle == tapInjector.caBundle == identityTrustAnchorsPEM

AND

tap.crtPEM == tapInjector.crtPEM == identity.issuer.tls.crtPEM

AND

tap.keyPEM == tapInjector.keyPEM == identity.issuer.tls.keyPEM

Is this practice possible and proper?

For example, if I write on helmfile's config, it'd be like the snippet below. (helmfile runs helm internally. For example, set: in yaml is equal to --set-file in cli)

  - name: linkerd-viz
    set:
      - name: tap.caBundle
        file: values/prod/certs/linkerd.ca.crt
      - name: tap.crtPEM
        file: values/prod/certs/linkerd.tls.crt
      - name: tap.keyPEM
        file: values/prod/certs/linkerd.tls.key
      - name: tapInjector.caBundle
        file: values/prod/certs/linkerd.ca.crt
      - name: tapInjector.crtPEM
        file: values/prod/certs/linkerd.tls.crt
      - name: tapInjector.keyPEM
        file: values/prod/certs/linkerd.tls.key

  - name: linkerd-control-plane
    set:
      - name: identityTrustAnchorsPEM
        file: values/prod/certs/linkerd.ca.crt
      - name: identity.issuer.tls.crtPEM
        file: values/prod/certs/linkerd.tls.crt
      - name: identity.issuer.tls.keyPEM
        file: values/prod/certs/linkerd.tls.key

Original Q&A

Providing certificates to linkerd and linkerd-viz

There are 0 best solutions below

Related Questions in KUBERNETES-HELM

Related Questions in LINKERD

Trending Questions

Popular # Hahtags

Popular Questions