Add a Certificate manually to an external Service
If you already have a running service and you want to connect to the external service. To establish the connection between these two services, you have to manually add the certificate in order to secure the connection between them.
Descriptionโ
This How-To will cover the necesssary steps to manually add the certificate to establish the connection with the external service.
Please note that the links to the workbench tools in this tutorial only apply to the IBM Education Environment we provide. If you are using a different environment, e.g. your own installation, you will need to navigate directly to the required tools.
Preconditionsโ
- You have successfully deployed your service through a deploy pipeline or through an application composition project.
Stepsโ
-
Login into the OpenShift Web Console.
-
In the left navigation bar, go to "Home" and "Search".
-
Search for "k5 project" and choose YAML section.
-
Find "additionalCertificates" field under truststore.
-
Provide the certificate details in the field.
Add the certificate in the truststoreโ
In order to add the certificate, please follow the below steps :
- Execute the command
echo | openssl s_client -showcerts -servername <your.server.com>in the terminal.
Please replace <your.server.name> with your actual server name to be able to execute the command correctly.
- Now, you need to base64 encode the contents of the certificate from the pem file, take the resulting string and paste it into the yaml as an item in the array.
truststore:
additionalCertificates:
- LS0tLS1CRUdJTiBDRVJUSUZJQ0FUR...
- LDO8easdasd...
- After applying these changes, pods and configuration files (i.e cli config, debug config) will be regenerated and you might need to redownload these files and redeploy the changes.
Congratulations! You have successfully added the certificate manually.