BPM, Workflow, and Case

BPM, Workflow, and Case

Come for answers. Stay for best practices. All we’re missing is you.

 View Only

Adding Certificate to CloudPak BAW

By Suresh Subbaiah posted Tue March 16, 2021 08:42 AM

  

Adding Certificate to CloudPak BAW component.

Steps

 

  1. Extract the certificate of the server that needs to be added to BAW truststore.
            Ex: echo | openssl s_client -connect <hostname>:<port> |\
              sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > certificate.crt
 
  1. Create the secret of the cert.
            Ex: oc create secret generic cersecret--from-file=tls.crt=certificate.crt
 
  1. Now open the CR yaml file. Under Workflow_authoring_configuration update the secret names under tls like below.
         

 
  1. After updating the CR with the changes, apply it.

    oc apply -f <CR>.yaml --overwrite=true
 
Wait till the icp4adeploy-workflow-authoring-baw-server-0 gets restarted with latest changes.

 

 

3 comments
34 views

Permalink

https://community.ibm.com/community/user/blogs/suresh-subbaiah1/2021/03/16/adding-certificate-to-cloudpak-baw

Comments

Suresh Subbaiah
Mon May 03, 2021 11:55 PM

thanks @Jens Engelke

Jens Engelke
Wed March 17, 2021 02:50 AM

@Suresh Subbaiah

It appears the sample in your step 3 is not rendered.

Jens Engelke
Wed March 17, 2021 02:49 AM

Many servers have a certificate chain and it can be required to import not only one, but multiple certificates to make a connection work. 

A simple way of obtaining all certs is

keytool -printcert -sslserver cloud.ibm.com:443 -rfc > ibmcloud.crt