You can change the TLS certificate that is used by Data Cataloging for serving web pages and the REST API
endpoints.
About this task
Follow the procedure to use a custom TLS certificate:
Procedure
-
Create a secret for your TLS certificate within the same namespaceas the
one used for deploying Data Cataloging on OpenShift® that is
"spectrum-discover".
Note: You can use any name for the secret. The following example uses my-tls-secret
as the
secret name.
oc create secret tls my-tls-secret --key ${KEY_FILE} --cert ${CERT_FILE} -n ibm-data-cataloging
- Modify the Data Cataloging custom resource and
specify the following ingress settings:
oc edit SpectrumDiscover spectrumdiscover -n ibm-data-cataloging
- Update the "host" and "tls_secret_name" in the
relevant ingress section.
ingress:
host: spectrum-discover.ibm.com
tls_secret_name: my-tls-secret
Note: The "ingress.host" setting must match the fully qualified domain name as specified in the TLS
certificate. This domain name is the hostname that the ingress binds to.
- Save the custom resource.
Note: The operator takes a while to go through all components and update them with the new settings.
Issue the following command to check the operator log for monitoring its progress.
oc logs $(oc get po -l name=spectrum-discover-operator -n ibm-data-cataloging -o name) -n ibm-data-cataloging -c operator --follow
- The log displays "PLAY RECAP" on completing the update.
- Enter ctrl+c to stop following the log.