Kaspersky Container Security requires SSL certificates to operate. The method to create certificates when deploying the solution is specified in the values.yaml configuration file in the default.certSource section. You can choose one of the following methods to create certificates:
helm – the method when the solution automatically creates the necessary certificates (used by default). vault – the method to be used if you plan to integrate the solution with the HashiCorp Vault external storage. You need to generate all the required certificates and upload them to HashiCorp Vault.files – the method to create certificates manually, for example, using the corporate CA. Scripts for manually certificates creation are stored in the "certs/" folder of the Helm Chart package.The generated certificates must match the expected certificate name in the values.yaml file in the secret section. If necessary, you can uncomment and redefine the expected certificate file names in the secret section.
Certificates have the following requirements:
kcs-licenses, kcs-middleware, kcs-mw-grpc, kcs-panel, kcs-postgres, kcs-scanner, kcs-scanner-api, kcs-updates, kcs-memcached, kcs-ab, kcs-s3, kcs-clicklickhouse, kcs-eb).