OpenShift 3 SSL

From Dogtag
Jump to: navigation, search

Installation

To install certbot:

$ dnf install certbot

Requesting New Certificate

To request a new SSL certificate:

$ oc scale dc/<app> --replicas=0
$ certbot certonly --standalone \
-d <domain> \
--agree-tos -m <email>
$ oc scale dc/<app> --replicas=1
$ oc create route edge <name> \
--service=<service> \
--cert=cert.pem \
--key=privkey.pem \
--hostname=<domain> \
--insecure-policy=Redirect

Renewing Certificate

To renew SSL certificate:

$ oc scale dc/<app> --replicas=0
$ certbot renew
$ oc scale dc/<app> --replicas=1
$ oc delete route <name>
$ oc create route edge <name> \
--service=<service> \
--cert=cert.pem \
--key=privkey.pem \
--hostname=<domain> \
--insecure-policy=Redirect

References