apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: azure-iot-operations-aio-selfsigned-root spec: selfSigned: {} --- apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: azure-iot-operations-aio-certificate-issuer spec: ca: secretName: azure-iot-operations-aio-ca-certificate --- apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: azure-iot-operations-aio-selfsigned-root namespace: cert-manager spec: isCA: true secretName: azure-iot-operations-aio-ca-certificate commonName: Azure IoT Operations Quickstart Root CA - Not for Production issuerRef: kind: ClusterIssuer group: cert-manager.io name: azure-iot-operations-aio-selfsigned-root privateKey: rotationPolicy: Never algorithm: RSA encoding: PKCS1 size: 2048 --- apiVersion: trust.cert-manager.io/v1alpha1 kind: Bundle metadata: name: azure-iot-operations-aio-ca-trust-bundle spec: sources: - secret: name: azure-iot-operations-aio-ca-certificate key: tls.crt target: configMap: key: ca.crt namespaceSelector: matchLabels: kubernetes.io/metadata.name: azure-iot-operations