Creating secrets to protect sensitive IBM Enterprise Records configuration data

Before you install Enterprise Records, create secrets manually to protect the configuration data that you enter.

Procedure

Prepare your security environment and provide a keystore password.
The keystore password is used to create the keystore and truststore for the container. The keystorePassword must be 16 or more characters when FIPS is enabled. Run the following command by using the keystore password values:
kubectl create secret generic ibm-ier-secret \
  --from-literal=keystorePassword="xxxxxxx" \
 -n "{{ namespace }}"
Note: When you create secrets, special characters such as $, \, *, =, and ! are interpreted by your shell, and therefore need escaping. In most shells, the simplest way to escape a password is to surround it with single quotation marks ('). For example, if your password is S!B\*d$zDsb= then use single quotation marks around the password string:
--from-literal=password='S!B\*d$zDsb='

You do not need to escape special characters in passwords from files (--from-file). For more information, see Managing Secrets.

The secret that you create, ibm-ier-secret is the value for the parameter ier_secret_name.