How To
Summary
Maximo Application Suite uses RedHat cert-manager to automatically manage SSL/TLS certificates. Alternatively, manual certificate management can be enabled to allow public transport layer security (TLS) certificates to be uploaded manually.
Objective
This document provides guidance on information to collect, and initial troubleshooting steps when encountering a certificate-related issue in MAS.
Steps
Check existing certificates:
- From the OpenShift console, go to 'Workloads'> 'Secrets' and select the MAS Core project.
- Search for "public" and select the "xxxx-cert-public" secret.
- Using OpenSSL or other tools, view contents of the content of the tls.crt.
- Confirm that the certificate is still valid and contains the correct Subject Alternative Names (SANs)
- Repeat if needed for other MAS application projects.
If custom domain has been implemented:
- From the OpenShift console, go to 'Administration'> 'CustomResourceDefinitions' >search and select: "Suite"
- Go to 'Instances' tab and select your Suite CR.
- Select 'YAML' and go to the spec.domain section and confirm that the domain value matches the one in the certificate.
If manual certificate management is enabled:
- Confirm that the certificates used for MAS Core and other applications share the same certificate authority.
- Ensure that the certificate/s contains all the required Subject Alternative Names (SANs) for each application.
Related Information
Document Location
Worldwide
[{"Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSRHPA","label":"IBM Maximo Application Suite"},"ARM Category":[{"code":"a8m3p000000hAeeAAE","label":"Maximo Application Suite-\u003ECore"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions","Type":"MASTER"}]
Was this topic helpful?
Document Information
Modified date:
19 June 2025
UID
ibm17157663