How to secure anya

The setup of anya requires a SSL/TLS Certificate to allow incoming traffic.

Option 1

Cloudflare - SSL Full (Strict)

One can register for a free SSL Cetificate. Cloudflare will restrict and route all incoming requests to your server. Therefore you need to generate a Origin Certificate. This certificate needs to be uploaded for all namespaces in use with the corresponding hostname (ex. ‘anya’, ‘preview’, ‘production’)

The Origin Certificate is only valid when using the Cloudflare SSL Full (Strict) Service. For using this service, you need to set Cloudflare’s nameservers for your domain.

Option 2


You can install the cert-manager as a Kubernetes App, which will automatically watches the state of your certificate and will issue or renew a Let’s Encrypt Certificate.

Option 3


You can generate a self signed SSL Certificate with OpenSSL. you can upload it like this: