starlingx/docs
Code Issues Proposed changes
Files
3733f8a967aef8dc3da0d853e80f209ef1bb027e
docs/doc/source/security/kubernetes/install-update-the-starlingx-rest-and-web-server-certificate.rst
egoncalv 5579744656 Editorial updates on Security Guide upstream 
Acted on Greg's comments

Patch 1: Deleted duplicated docs and corrected references to fix build failure

Patch 2: Acted on Greg's and Ron's comments.

Patch 3: Acted on Greg's comment.

Patch 4: Acted on Mary's comments.

Patch 5: Solved merge conflict.

Patch 6: Worked on Mary's comments.

Patch 7: Fixed build conflict.

Patch 8: Worked on Mary's comments.

https://review.opendev.org/c/starlingx/docs/+/792461

Signed-off-by: egoncalv <elisamaraaoki.goncalves@windriver.com>
Change-Id: I647711ac35f45bc9c79cc490269831770e98e2f4
2021-06-02 12:28:10 -03:00

47 lines
1.5 KiB
ReStructuredText
Raw Blame History

.. law1570030645265
.. _install-update-the-starlingx-rest-and-web-server-certificate:
============================================================
Install/Update the StarlingX Rest and Web Server Certificate
============================================================
Use the following procedure to install or update the certificate for the REST
API application endpoints \(Keystone, Barbican and StarlingX\) and the web
administration server.
.. rubric:: |prereq|
Obtain an intermediate or Root |CA|-signed certificate and key from a trusted
intermediate or Root |CA|. Refer to the documentation for the external
Intermediate or Root |CA| that you are using, on how to create public
certificate and private key pairs, signed by intermediate or a Root |CA|, for
HTTPS.
For lab purposes, see :ref:`Create Certificates Locally using openssl
<create-certificates-locally-using-openssl>` for how to create a test
intermediate or Root |CA| certificate and key, and use it to sign test
certificates.
Put the |PEM| encoded versions of the certificate and key in a single file,
and copy the file to the controller host.
.. rubric:: |proc|
- Install/update the copied certificate.
For example:
.. code-block:: none
~(keystone_admin)]$ system certificate-install -m ssl <pathTocertificateAndKey>
where:
**<pathTocertificateAndKey>**
is the path to the file containing both the intermediate or Root
|CA|-signed certificate and private key to install.
View Git Blame Copy Permalink