Configuring Tanzu Cloud Service Broker with AWS certificate authority

search cancel

Configuring Tanzu Cloud Service Broker with AWS certificate authority

book

Article ID: 375976

calendar_today

Updated On:

Products

VMware Tanzu Application Service

Issue/Introduction

When binding an application to a service instance created in Tanzu CSB (Tanzu Cloud Service Broker for AWS, for example), you may encounter an error including this phrase:

Error: tls: failed to verify certificate: x509: certificate signed by unknown authority

Cause

The certificate authority for the IaaS (AWS, for example) must be added to the Trusted Certs field in the BOSH Director tile, Security tab.

Resolution

Download the bundle from the AWS web page:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html#UsingWithRDS.SSL.CertificatesDownload

You will need to chose the certificate for the appropriate region and copy its contents into the Trusted Certs field in the BOSH Director tile, Security tab.

Save the changes in the BOSH tile, then Apply Change to all deployments (tiles), particularly any deployments that have Diego Cells, and especially the CSB deployment.

Feedback

thumb_up Yes

thumb_down No