Hi all,
I have service in Consul, now need to connect to outside Service (Elasticsearch),create TerminatingGateway config all in deployment but cannt connect withou TLS cert because my endpoint - https. How create right TLS cert ? Where i need put this ?
apiVersion: consul.hashicorp.com/v1alpha1
kind: TerminatingGateway
metadata:
name: tg
spec:
services:
- name: elastic
caFile: /etc/certs/consul-agent-ca.pem
A consul running on k8s
Thanks
It sounds like you need to provide the CA of the elastic search service to the terminating gateway, not the consul agent CA.
What you have there is correct for the terminating gateway CR but you just need to make sure that the CA cert of the elastic search service exists where the terminating gateway is running. If you’re using the Consul helm chart to deploy it, then you can create a Kubernetes secret with the CA of the elastic search service and attach it to the gateways via extraVolumes: Helm Chart Configuration | Consul by HashiCorp