CA Certificates are used as the HTTPS security layer to secure communications across computer networks when using applications.
The domain name of your Votiro On-prem appliance is used in the CA Certificate, binding the address to the certificate, enabling a secure connection. An example of an appliance address is https://sfg-va.domain.com.
The CA Certificate used with your Votiro On-prem appliance must be a .pem and .key pair. You can convert the format of your CA Certificate using SSL Certificate software, for example OpenSSL.
Converting a CA Certificate
To convert a CA Certificate in .pfx format with password Pa$$w0rd to a .pem and .key pair, use the following OpenSSL commands:
| n | openssl pkcs12 -in /<path-to-certificate>/certificate.pfx -out /<path-to-certificate>/certificate.pem -nodes -passin pass:<Pa$$w0rd> |
| n | openssl pkey -in /<path-to-certificate>/certificate.pem -out /<path-to-certificate>/certificate.key |
Applying CA Certificate to Kubernetes Cluster
To apply the .pem and .key files to your Kubernetes cluster, use the following sets of commands to first delete, then create, a new certificate in the two namespaces traefik and votiro:
| n | kubectl delete secret traefik-cert -n votiro |
| n | kubectl create secret tls traefik-cert --key=/<path-to-certificate>/certificate.key --cert=/<path-to-certificate>/certificate.pem -n votiro |
Comments
0 comments
Please sign in to leave a comment.