BPM, Workflow, and Case

 View Only

Adding Certificate to CloudPak BAW

By Suresh Subbaiah posted Tue March 16, 2021 08:42 AM

  

Adding Certificate to CloudPak BAW component.

Steps

 

  1. Extract the certificate of the server that needs to be added to BAW truststore.
            Ex: echo | openssl s_client -connect <hostname>:<port> |\
              sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > certificate.crt
 
  1. Create the secret of the cert.
            Ex: oc create secret generic cersecret--from-file=tls.crt=certificate.crt
 
  1. Now open the CR yaml file. Under Workflow_authoring_configuration update the secret names under tls like below.
         

 
  1. After updating the CR with the changes, apply it.

    oc apply -f <CR>.yaml --overwrite=true
 
Wait till the icp4adeploy-workflow-authoring-baw-server-0 gets restarted with latest changes.

 

 

3 comments
31 views

Permalink

Comments

Mon May 03, 2021 11:55 PM

thanks @Jens Engelke

Wed March 17, 2021 02:50 AM

@Suresh Subbaiah

It appears the sample in your step 3 is not rendered.

Wed March 17, 2021 02:49 AM

Many servers have a certificate chain and it can be required to import not only one, but multiple certificates to make a connection work. 

A simple way of obtaining all certs is

keytool -printcert -sslserver cloud.ibm.com:443 -rfc > ibmcloud.crt