Extracting the management ingress-ca certificates

In order for the management subsystem to be able to communicate with subsystems in different namespaces, these subsystems need to have the same ingress-ca certificates as the management subsystem.

About this task

This task describes how to extract the ingress-ca certificates to a yaml file, ready for applying to the subsystems that are in different namespaces.

Procedure

  1. Export the ingress-ca secret to a yaml file with: oc -n <management namespace> get secret ingress-ca -o yaml > ingress-ca.yaml
  2. Edit the ingress-ca.yaml file and remove the following properties: metadata.creationTimestamp, metadata.namespace,metadata.resourceVersion, metadata.uid, metadata.selfLink
  3. Keep this file safe. You will need to apply it in the namespaces of your other subsystems so that they can communicate with the management subsystem.