How to import certificates to a CJE cluster

Issue

  • We need to install a certificate chain as we use self signed certs in our internal docker registry.

Environment

Resolution

To import the certificates in your cluster you have to use the certificates-update cluster operation

cje prepare certificates-update

then you copy your certificates and all certificates chain in $CJE_PROJECT_FOLDER/certificates, the certificate files must end with .pem extension.

Then, you run cje apply and the certificated will be picked up automatically and installed on all VMs/containers involved in the cluster.

Finally, you need to restart all the Managed Masters for those changes to take effect.

Note: If the SSL certificate is self-signed or uses a custom certificate authority, it needs to be trusted by the workstation running the installation (import to the default JVM .keystore) as well as copied to the workers of the cluster.

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.