Before starting, we need to make sure that we have the required certificate. I do it in another place and bring it to the server with automation.

First, we need to create a secret in the kube-system namespace. The secret should be named default-ingress-cert and we can create or update it with the following command:

kubectl -n kube-system create secret tls default-ingress-cert \
  --key=/etc/ssl/private/ \
  --cert=/etc/ssl/private/ \
  --dry-run=client --save-config -o yaml  | kubectl apply -f -

After that, we need to create configuration for the traefik.

kind: TLSStore
  name: default
  namespace: kube-system

    secretName: default-ingress-cert

And apply it with the following command:

kubectl apply -f k3s-traefik-tls-store.yaml