Generating certificate for local dev environment in WSL2
Ok, got this figured out with some help:
- https://github.com/Microsoft/WSL/issues/3161#issuecomment-451863149
- https://ddev.readthedocs.io/en/latest/#installation-or-upgrade-windows-wsl2
- https://www.haveiplayedbowie.today/blog/posts/secure-localhost-with-mkcert/
This is what worked for my use case. Granted, I didn't test it without installing mkcert
into WSL, so that step may not be necessary:
- Use
choco
to installmkcert
:choco install -y mkcert
- In Windows,
mkcert -install
- WSL install
mkcert
(again, not 100% sure this is necessary):curl -Lo mkcert https://github.com/FiloSottile/mkcert/releases/download/v1.4.3/mkcert-v1.4.3-linux-amd64 && sudo install mkcert /usr/local/bin/
- In WSL,
mkcert -install
(again, not 100% sure this is necessary) - In Windows:
mkcert localhost 127.0.0.1 ::1
- This will generate them in your
C:\Users\<user>\
directory by default - Copy them into WSL, which for my use case is the root of my project
- Then for my use case I run:
kubectl create secret tls tls-localhost-dev --key=localhost+2-key.pem --cert=localhost+2.pem -n dev
- For my use case, I then run
kubectl apply -f k8s/dev/tls.yaml
which contains:apiVersion: cert-manager.io/v1 kind: Issuer metadata: name: letsencrypt-dev-issuer namespace: cert-manager spec: ca: secretName: tls-localhost-dev --- apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: letsencrypt-dev-certificate namespace: cert-manager spec: secretName: tls-localhost-dev dnsNames: - localhost issuerRef: name: letsencrypt-dev-issuer kind: Issuer
This time after running skaffold dev
, and minikube tunnel
, my app is running with the TLS certificates like it should be.