Add an ACM certificate to an AWS EKS hosted platform instance

IBM® Rapid Infrastructure Automation® runs HTTPS with a self-signed certificate by default. You can add a certificate and key that you have in a file, but often the desired certificate is generated by AWS in the AWS Certificate Manager service. This process explains how to publish IBM Rapid Infrastructure Automation® using your own ACM certificate.

1. Download the RNA-proxy-elb-acm-cert.yaml file:

   wget https://distributor.RNA.io/RNA-proxy-elb-acm-cert.yaml

2. Find the ARN for your ACM certificate.
3. Edit the file RNA-proxy-elb-acm-cert.yaml, and replace YOUR_ACM_CERT_ARN with the ARN of your desired certificate.
4. Apply the RNA-proxy-elb-acm-cert.yaml file:

   kubectl apply -f RNA-proxy-elb-acm-cert.yaml

5. Use this command to find the external fqdn assigned by AWS to your new load balancer:

   kubectl get svc RNA-proxy-elb-cert

6. Set up a CNAME record in your DNS that points your platform hostname to that value.

You should now be able to reach IBM Rapid Infrastructure Automation® via a trusted HTTPS connection.