Copy the ingress issuers to the Linux x86_64 cluster

Export the ingress issuers on the IBM Z cluster, and copy them to the Linux x86_64 cluster.

1. Verify that the Cloud Pak for Integration and API Connect operators were installed on the Linux x86_64 cluster.
2. Export the Management ingress CA secret from the namespace of the IBM Z cluster where the Management subsystem is running.

   Run the following command on the IBM Z cluster:

   oc get secret <apiconnectCluster_name>-ingress-ca -o json| jq 'del(.metadata.creationTimestamp,.metadata.namespace,.metadata.resourceVersion,.metadata.uid,.metadata.selfLink)' > ingress-secret.json
   

   where <apiconnectCluster_name> is the name of the API Connect cluster.

   Note: If you intend to deploy the Gateway and Analytics subsystems to different namespaces, then repeat the steps 3 through 6 in each target namespace.
3. Apply the ingress-secret.json to the target namespace on the Linux x86_64 cluster:

   oc apply -f ingress-secret.json -n <namespace>

4. Create a file called ingress-issuer.yaml with the following contents:

   Replace <apiconnectCluster_name> with the name of the API Connect cluster.

   apiVersion: cert-manager.io/v1
   kind: Issuer
   metadata:
     name: <apiconnectCluster_name>-ingress-issuer
   spec:
     ca:
       secretName: <apiconnectCluster_name>-ingress-ca
   ---
   apiVersion: cert-manager.io/v1
   kind: Issuer
   metadata:
     name: <apiconnectCluster_name>-self-signed
   spec:
     selfSigned: {}

5. Apply the ingress-issuer.yaml to the target namespace on the Linux on x86_64 cluster:

   oc apply -f ingress-issuer.yaml -n <namespace>

6. Validate that the issuers are in the READY state by running the following command:

   oc get issuer -n <namespace>

   The response should look like the following example:

   NAME                                      READY
   <apiconnectCluster_name>-ingress-issuer   True
   <apiconnectCluster_name>-self-signed      True