Multiple Clusters Syncing

Zeet enables you to sync your SSL certificate across multiple clusters. An HTTP-01 challenge requires the certificate validator reach a specific cluster. Therefore, if you have multiple clusters, you can't guarantee that an HTTP-01 challenge will reach a specific cluster. In contrast, a DNS-01 challenge validates the domain by proving you control the DNS for the domain name by putting a value in a TXT record under the domain. Therefore, a DNS-01 challenge is not dependent on reaching a specific cluster or domain. As such, a DNS-01 challenge is used for multi-cluster and wildcard domains.

1. Add Replication Cluster (if necessary)

If your Project is not already deployed to multiple clusters, here's how you add a replication cluster. Navigate to the General tab of your Project settings and find the Resources & Replication section. Here, you can add a new target cluster.

2. Add domain

Navigate to the Networking tab in your Project settings. Enter your custom domain into the input box. You will see instructions for all of your clusters. You only need to enter one set of instructions with your DNS.

Note, if you are syncing your certificate across multiple Resources, you will need to add the same domain to each Project.

3. Add DNS instructions to your domain provider

4. Sync Certificate with Cluster

After a few seconds (you may need to refresh), you will see the "Certificate Status" is "Ready" for one of the clusters. In the cluster where the "Certificate Status" is "Issuing" click on the gear icon. Under the "Sync from Cluster" dropdown, select the Project with the cluster that has the ready certificate. The SSL certificate will be copied from the this cluster. When successful, you should see "Certificate Synced with xxxxxxx" as shown below.

5. Success!