Replies: 1 comment 9 replies
-
|
Hi, The way the browsers handle TLS is that the root certificate has to be from a known and trusted issuer – this is of course a story unto itself, and you'd have to go through the process of getting an internal-use certificate from one of the major commercial CAs. Unless you're a major enterprise yourself, I suspect that this isn't the path you're aiming for, The much easier answer is that for your internal use you can simply add the ManagementCA certificate to your local root store, either locally on your machine (if using a webkit-derived browser like Chrome or Safari) or in the browser itself if using Firefox. Cheers, |
Beta Was this translation helpful? Give feedback.
-
|
Sorry, openshift not kubernets. And I have not used the community helm chart |
Beta Was this translation helpful? Give feedback.
-
|
I would recommend using the helm chart to deploy. The tutorial in this link has a step for setting up the nginx in the EJBCA pod, creates a secret for the TLS certificate you want to use, and then deploy EJBCA with helm. |
Beta Was this translation helpful? Give feedback.
-
|
Jag kollar upp det! återkommer |
Beta Was this translation helpful? Give feedback.
-
|
So I almost got it to work in openshift using a route and reencrypt, but now firefox won't let me use the superadmin certificate. Any advice? |
Beta Was this translation helpful? Give feedback.
-
|
It sounds like the route needs to be configured with the ca certificates to trust for mtls to prompt you for the super admin certificate. With nginx ingress the annotation |
Beta Was this translation helpful? Give feedback.
-
Hi, How do I change the certificate so that I do not get certificate warnings when accessing the UI? The managementCA is the issueing CA now, Can I for example use a certificate from another CA for secure the web interface?
Beta Was this translation helpful? Give feedback.
All reactions