Configuring a custom Secure Sockets Layer (SSL) certificate
You can configure an SSL certificate to encrypt your organization's data exchanged between the browser and the HCL DevOps Velocity (Velocity) application.
Before you begin
- You must have created a Kubernetes cluster, activated Cloud Shell, added a node pool and created a namespace on the Kubernetes cluster. See Installation prerequisites.
- You must have created an SSL certificate and got the key.pem and certificate.crt file.
About this task
The helm install will automatically create a self-signed certificate and it is stored
in a default TLS secret with the name accelerate-tls
to match
the ingress domain. You can update the self-signed certificate with a custom SSL
certificate if you have an SSL certificate by a trusted Certifying Authority (CA).
To update a custom SSL certificate you must create a secret in the Kubernetes
cluster by following the steps in this task and you can provide the name of the new
secret that you created for the tls.secret
parameter in the helm
install command during installation.
Procedure
-
On the Cloud Shell terminal navigate to the directory where you have the
key.pem and certificate.crt
files of your SSL certificate.
Note: If you don't have an SSL certificate you have to create an SSL certificate.
-
Run the following command:
kubectl create -n <custom_namespace_name> secret tls velocity-custom-tls --key <key.pem> --cert <certificate.crt>
The following message is displayed:secret/velocity-custom-tls created
.