How to install TLS certificates
When no tls certificates are provided the platform will create a self-signed TLS certificate on its first start. This self-signed certificates lead to security warnings in the browsers when accessing the web interface of the platform.
To overcome this warnings in a productive system, the platform provides capabilities to exchange the self-signed certificates with valid ones:
Rename the certificate and key file to
tls.crtandtls.keyand place it in the directory next to the deploy_platform.sh script.Run
./deploy_platform.sh --install-certsOptional: To make the installed certificates outlast redeployments of the platform, place
tls.crtandtls.keyin$FAST_DATA_DIR/tls(the value of FAST_DATA_DIR is set indeploy_platform.sh.)
This procedure will also restart the pods of the platform related for TLS and the new certificate will be used for any subsequent https requests.