There are times when you will need to install or update certificates on your server. Please see the general instructions below to complete this task. Should you require assistance, please send a request to BlueCat Customer Care.
LiveAssurance uses Traefik as the API gateway and ingress. To
configure Traefik to use a TLS certificate, use the following
procedure:
-
Upload the TLS certificate and the key in the traefik tls directory /usr/share/indeni-services/traefik/etc/tls.
For example: /usr/share/indeni-services/traefik/etc/tls/traefik-cert.crt and /usr/share/indeni-services/traefik/etc/tls/traefik-cert.key
If the
traefik tlsdirectory doesn't already exist, create one. -
Configure
Traefikto use this certificate and key for all domains by default. You can do this by creating atraefik-tls.yamlin thetraefik confdirectory /usr/share/indeni-services/traefik/etc/conf. If the file doesn't already exist, create one with the following:tls: options: default: minVersion: VersionTLS12 stores: default: defaultCertificate: certFile: /usr/share/indeni-services/traefik/etc/tls/traefik-cert.crt keyFile: /usr/share/indeni-services/traefik/etc/tls/traefik-cert.key
Traefik monitors this directory and will pickup the new certificate
without needing a restart.