If you are using the teleport acme letsencrypt integration, and you need to reissue the certificate for any reason, follow the following procedure.
Because the acme integration is intended to be used on a single non-ha instance of teleport, the instructions assume a single proxy node.
- Remove or rename the 'acme/' directory in the teleport data_dir location:
sudo mv /var/lib/teleport/acme /var/lib/teleport/acme-old - Restart the teleport service:
systemd: sudo systemctl restart teleport
kubernetes remove or restart the pod: kubectl restart pod/teleport
Once teleport comes back up, it will see the missing acme directory and issue the certificates just like it did the first time
Comments
0 comments
Please sign in to leave a comment.