Created
January 20, 2020 10:36
-
-
Save sloppycoder/8b9b7abfb53921f6e293ece1488451d2 to your computer and use it in GitHub Desktop.
extract certifcate and key from openshift installation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # openshift installer by default uses a self-signed certificate for ingress controller | |
| # in order to use the ingress we need to extract the certificate and add it to local | |
| # trusted cert store to avoid warnings | |
| oc get secret router-certs-default -n openshift-ingress -o json > secret.json | |
| jq -r '.data."tls.key"' secret.json | base64 -d > private_key.pem | |
| jq -r '.data."tls.crt"' secret.json | base64 -d > cert.pem | |
| #the cert.pem file contains 2 certificate. the 1st one is used by the ingress controller, 2nd one is signer. | |
| # get the 2nd one and save it to file 2nd.crt | |
| # on ubuntu 18.04 | |
| sudo mkdir /usr/share/ca-certificates/openshift | |
| cp 2nd.crt ca-certificates/openshift/crc-ingress-operator.crt | |
| sudo bash -c 'echo "openshift/crc-ingress-operator.crt" >> /etc/ca-certificates.conf' | |
| sudo update-ca-certificates | |
| # use this command for some UI interaction | |
| #sudo dpkg-reconfigure ca-certificates |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment