Enable TLS on kubernetes


I am trying to activate TLS for Consul on an on premise kubernetes cluster. I am following this guide, and TLS has been established correctly, however UI returns a bad certificate:

With port forwarding it works. So it has to do something with the DNS.
I am using F5 ingresses as a consul UI DNS.
I have seen many guides however I would like to know if there is something clear, since I am not sure I 'm down the right path.


Hey @nikfot

You might need to add additional SANs to your server certificate. You can do it in the Helm chart via global.tls.serverAdditionalDNSSANs and global.tls.serverAdditionalIPSANs properties.

1 Like

Thanks for the quick answer. I tried adding it like that:
serverAdditionalDNSSANs: ["'consul.test.example'"]
consul.test.example is the dns where the ingress is pointing. If this is the correct way to add it maybe I should try adding the IP.

@nikfot I think you might have a set of extra quotes there. I think it should be either:

serverAdditionalDNSSANs: ["consul.test.example"]


serverAdditionalDNSSANs: ['consul.test.example']