Replacing self-signed certificates
You can replace the self-signed certificate with a CA-signed certificate by using the dockerManageZoa.sh config-certificates use-provided command.
About this task
For this process, you need to provide the following artifacts:
- A CA-signed certificate in
- The root certificate and the intermediate certificate (if provided) required to validate the
authenticity of the CA-signed certificate, both in
PEMformat.Note: Certificate chains are currently not supported.
- The private key used for the CA signing request. Both RSA keys and EC keys are supported.
Place the required certificate and key files into a directory that is accessible to the
- Run the following command to replace the self-signed certificate:
dockerManageZoa.sh config-certificates use-provided
podmanManageZoa.sh config-certificates use-provided
- Follow the instructions on the screen.
- After you replace the certificate, restart all the consuming services for the change to take effect.