Configure custom SSL certificate

You can configure a custom self-signed certificate in the Kubernetes Dashboard. For more information, see NGINX Ingress Controller Guide.

Prerequisites

Install the DataClarity platform with the self-signed certificate enabled.

If the self-signed certificate was disabled during the installation, you need to reinstall and enable it:

  1. Execute the install.sh script.
  2. Type y when asked to set up HTTPS using Self-Signed SSL Certificate.
Procedure
  1. If the .key file is encrypted (password protected), you need to decrypt it because Kubernetes does not support encrypted key files:

    Copy
    openssl rsa -in ssl.key -out ssl_unencr.key
  2. Create a new secret using the certificate files, where ‘new-ssl’ is the name of the secret, and ‘ssl_unencr.key’’ and ‘ssl.crt’ are the certificate files:

    Copy
    kubectl create secret tls new-ssl --key="ssl_unencr.key" --cert="ssl.crt"
  3. In the Kubernetes Dashboard:

    1. Go to the ingress namespace.

    2. Under Daemon Sets, open nginx-ingress-microk8s-controller for editing.

    3. For the nginx-ingress-microk8s container, under args, add the following SSL argument, where ‘new-ssl’ is the name of the secret:

      "--default-ssl-certificate=default/new-ssl"

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.