Configure custom SSL certificate
You can configure a custom self-signed certificate in the Kubernetes Dashboard. For more information, see NGINX Ingress Controller Guide.
Install the DataClarity platform with the self-signed certificate enabled.
If the self-signed certificate was disabled during the installation, you need to reinstall and enable it:
- Execute the install.sh script.
- Type y when asked to set up HTTPS using Self-Signed SSL Certificate.
If the .key file is encrypted (password protected), you need to decrypt it because Kubernetes does not support encrypted key files:Copy
openssl rsa -in ssl.key -out ssl_unencr.key
Create a new secret using the certificate files, where ‘new-ssl’ is the name of the secret, and ‘ssl_unencr.key’’ and ‘ssl.crt’ are the certificate files:Copy
kubectl create secret tls new-ssl --key="ssl_unencr.key" --cert="ssl.crt"
In the Kubernetes Dashboard:
Go to the ingress namespace.
Under Daemon Sets, open nginx-ingress-microk8s-controller for editing.
For the nginx-ingress-microk8s container, under args, add the following SSL argument, where ‘new-ssl’ is the name of the secret: