How to install TLS certificates
When no tls certificates are provided the platform will create a self-signed TLS certificate on its first start. This self-signed certificates lead to security warnings in the browsers when accessing the web interface of the platform.
To overcome this warnings in a productive system, the platform provides capabilities to exchange the self-signed certificates with valid ones:
Rename the certificate and key file to
tls.crt
andtls.key
and place it in the directory next to the deploy_platform.sh script.Run
./deploy_platform.sh --install-certs
Optional: To make the installed certificates outlast redeployments of the platform, place
tls.crt
andtls.key
in$FAST_DATA_DIR/tls
(the value of FAST_DATA_DIR is set indeploy_platform.sh
.)
This procedure will also restart the pods of the platform related for TLS and the new certificate will be used for any subsequent https requests.