Copying SSL certificates and deployments (Cognos Analytics)

Complete the following steps to copy SSL certificates and deployments to the artifacts shared volume.

Before you begin

The Cognos® Analytics service must be provisioned in IBM Cloud Pak® for Data.

Obtain the oc client tool for the version of Red Hat® OpenShift® you are using. For more details, see Installing the OpenShift command-line interface.

Note: PEM files contain ASCII (or Base64) encoding data. The certificate files can be .PEM or .CER formats. The IBM Global Security Kit .ARM format is also supported.

Procedure

  1. Log in to your Red Hat OpenShift cluster as a cluster administrator by using the following command:
    oc login OpenShift_URL:port
  2. Set the project for your Cognos Analytics installation, and set the artifacts service pod name as the bash shell variable:
    oc project ${PROJECT_TETHERED}
    ARTIFACTS_POD=$(oc get pods  | grep artifacts | awk '{print $1}')
  3. Copy the deployments to the artifacts:
    oc cp <some deployment file name> ${ARTIFACTS_POD}:/artifacts-data/deployment/files/
  4. Copy the certificates to the artifacts:
    oc cp <some PEM file with .pem, .cer or .arm extension> ${ARTIFACTS_POD}:/artifacts-data/certificate/files/
  5. After you add a certificate, you must restart the ca-cpd-cm, ca-cpd-rest, cap-cpd-reporting, and ca-cpd-smarts pods. It is not necessary to restart pods when you are adding a deployment. Run the following commands to restart pods:
    CA_INSTANCE=$(echo $ARTIFACTS_POD | awk -F '-' '{print $1}')
    oc delete pod $(oc get pod | grep $CA_INSTANCE | grep ca-cpd-cm | awk '{print $1}')
    oc delete pod $(oc get pod | grep $CA_INSTANCE | grep ca-cpd-rest | awk '{print $1}')
    oc delete pod $(oc get pod | grep $CA_INSTANCE | grep ca-cpd-reporting | awk '{print $1}')
    oc delete pod $(oc get pod | grep $CA_INSTANCE | grep ca-cpd-smarts | awk '{print $1}')