Configuring SSL on Devtest OpenShift environment
Article ID: 391128
Updated On:
Products
Issue/Introduction
The default SSL certificate does not provide secure access. Need assistance configuring SSL on DevTest Openshift environment.
Environment
All supported DevTest Openshift environments
Resolution
Update the custom_values.yaml to specify the name/password of the custom keyStore file and the name/password of the custom trustStore file.
custom_values.yaml
==========================
global:
ssl:
keyStore: /home/devtest/.devtest/certificates/webreckeys.ks
trustStore: /home/devtest/.devtest/certificates/webreckeys.ks
secrets:
ssl:
# ssl.cryptedKeyStorePassword is the base64 encoded string of "{cry}" + encrypted key store password.
# For example, the base64 encoded string of: "{cry}l1555457a80965344568568aa084f694ef7a9b08b26fb54135858e9f09cb10314f323ac35d2f2a8c5".
# alternatively, ssl.cryptedKeyStorePassword may specify the base64 encoded string of the plain-text unencrypted key store password.
# if it is specifying unencrypted password - devtest will generate /devtest/secrets.properties with the encrypted password.
cryptedKeyStorePassword: e2NyeX1sNjA5ZjhjMjlhNWRkYjYyYzQ4YjQ1NjEwMGQzMzhjZDAyMTNhNDNkMTBiOTQ5Y2E1YTk4MjRhNGQzMzQ0OTc3MTY5YjEwN2VjMjJjOWZkZGM0NDgy
# ssl.keyStorePassword is the base64 encoded string of key store password
keyStorePassword: #############==
# ssl.cryptedTrustStorePassword is the base64 encoded string of "{cry}" + encrypted trust store password
# For example, the base64 encoded string of: "{cry}l1555457a80965344568568aa084f694ef7a9b08b26fb54135858e9f09cb10314f323ac35d2f2a8c5"
# alternatively, ssl.cryptedTrustStorePassword may specify the base64 encoded string of the plain-text unencrypted trust store password.
# if it is specifying unencrypted password - devtest will generate /devtest/secrets.properties with the encrypted password.
cryptedTrustStorePassword: e2NyeX1sNjA5ZjhjMjlhNWRkYjYyYzQ4YjQ1NjEwMGQzMzhjZDAyMTNhNDNkMTBiOTQ5Y2E1YTk4MjRhNGQzMzQ0OTc3MTY5YjEwN2VjMjJjOWZkZGM0NDgy
# ssl.trustStorePassword is the base64 encoded string of trust store password
trustStorePassword: #############==
==========================
Note: The custom Keystore and trustore files should be in the Persistent Volume under /home/devtest/.devtest/certificates/ folder.
Additional Information
See global properties section for more details:
https://techdocs.broadcom.com/us/en/ca-enterprise-software/devops/devtest-solutions/10-8/installing/installing-devtest-with-container-platforms/configure-and-deploy-devtest-using-helm-chart/deploy-using-helm-chart/values-yaml-configurations.html#concept.dita_4971ff91-6f79-4ebf-8eae-b2174a65193d_globalProperties
Feedback
