Update TSL Certificate

Currently, the initial certificate generation is not yet automated. You must perform the following steps:

Make a directory for your certificates

docker exec -it letsencrypt_certbot mkdir -p /www/data/testbed.expeca.proj.kth.se/

Request the initial certificate

docker exec -it letsencrypt_certbot certbot certonly --noninteractive --agree-tos
Saving debug log to /var/log/kolla/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for testbed.expeca.proj.kth.se
Waiting for verification...
Cleaning up challenges

Copy fullchain.pem to site-config/certificates/haproxy.pem.

cd /opt/chi-in-a-box
mkdir -p ../site-config/certificates/
sudo cp /var/lib/docker/volumes/letsencrypt_certs/_data/live/testbed.expeca.proj.kth.se/fullchain.pem ../site-config/certificates/haproxy.pem

Append the private key to ../site-config/certificates/haproxy.pem.

sudo vim /var/lib/docker/volumes/letsencrypt_certs/_data/live/testbed.expeca.proj.kth.se/privkey.pem
vim ../site-config/certificates/haproxy.pem

Reset the necessary services

./cc-ansible deploy --site /opt/site-config --tags letsencrypt,haproxy,horizon

PreviousCreate a VM for the Controller NextAccess the Database

Last updated 2 years ago