kubectl create secret tls myapp-tls --cert=myapp.crt --key=myapp.key kubectl create configmap ca-bundle --from-file=ca.crt Mount in your deployment:
"common_name": "myapp.default.svc.cluster.local", "sans": [ "myapp.default.svc", "myapp.default.pod", "myapp-namespace.svc.cluster.local" ], "key_type": "rsa", "key_bits": 2048, "ttl": "168h" vmware vcert tool
# Linux example wget https://your-vcenter-or-pks-domain/api/cli/vcert-linux-amd64 chmod +x vcert-linux-amd64 sudo mv vcert-linux-amd64 /usr/local/bin/vcert Verify installation: kubectl create secret tls myapp-tls --cert=myapp