search cancel

How to renew pssg and dssg certificates in the Kubernetes hosted Portal

book

Article ID: 228417

calendar_today

Updated On:

Products

CA API Developer Portal

Issue/Introduction

We need to renew certificates for portal which is Kubernetes hosted.

We use helm to deploy these. 

How do we regenerate the certificates?

 

 

 

Environment

Release : 5.0.2

Component :

Resolution

On Portal the Yaml should contain, 

# You may need to update the internal/external facing certificates, to do this set rotate
# to one of the following and run the helm upgrade command.
# Options: all, internal, external, none
# Be sure to change it back to none afterwards to avoid certificates being rotated everytime you upgrade!
  rotate: none

So to regenerate new Certificates,

Set rotate to all in the yaml and do a helm upgrade.

Reset back to none once the upgrade is complete so that cert rotation does not happen every time there is an upgrade.

Then you may need to import the certificates into the gateway after they are re-newed.

To replace the certificates you can follow the documented steps from the hyperlink below.

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-developer-portal/5-0-2/set-up-and-maintenance/create-and-sign-certificates-for-production/certificate-management-for-gateway-integration.html