Skip to main content

hello, I would like to know if there is another way to renew a TSL certificate used to access IFS without reinstalling the entire kubernetes cluster?

Hi Regis,

  1. Prepare an updated TLS certificate.
  2. Copy the new TLS certificate to ifsroot\config\certs.
  3. Open ifsroot\config\ifscloud-values.yaml.
  4. Update and verify "certificateFile" and "certificatePassword" as appropriate.
  5. Rerun mtinstaller action.
installer.cmd --set action=mtinstaller

Then verify the certificate validity dates. An example with openssl:

openssl s_client -connect <url>:443 | openssl x509 -noout -dates

Best regards -- Ben

@K4uRegisC For Kubernetes-related certificates, you can refer to the following article. Two methods are mentioned for renewing the certificate.

Follow the below mention instruction to verify all the certificates related to microk8s.

  1. Login to middleware server of the environment (SSH)
  2. Check if certificates are available in below path
    1. /var/snap/microk8s/current/certs
  3. Now enter below command to all .crt files
    1. openssl x509 -in <.crt path>/<crt name>.crt -noout -enddate

Reply


Terms & ConditionsCookie settings