Reputation: 35
Openshift: create passthrough secure route
I'm new to Openshift and I'm currently trying to learn how to create a secure passthrough route. So far I have to create a private key, generate a CSR, and generate a self-signed certificate. I'm getting stuck on the next steps. I believe I have to create a TLS secret and then mount cert inside the container? Can anyone show me the next steps?
Generate private key
$ openssl genrsa -out php.key 2048
generate CSR
$ openssl req -new -key php.key -out php.csr \
-subj "/C=GB/ST=London/L=London/O=IT/OU=IT/CN=www.example.com"
generate self-signed certificate
$ openssl x509 -req -days 366 -in php.csr \
-signkey php.key -out php.crt
After this step I'm not sure how to do the TLS secret and mount cert in container
Upvotes: 1
Views: 1556
Answers (1)
Reputation: 26
create a secret under same project $ oc create secret tls php --cert=php.crt --key=php.key
Inject secret in Deployment. $ oc set volumes dc php --add -t secret --secret-name=php -m /usr/local/etc/ssl/certs
Expose your service $ oc create route passthrough php --service=php --hostname=php.apps.example.com
Note: /CN name should be "php.apps.example.com"
Upvotes: 1
Related Questions
- Create OpenShift TLS route from secret
- OpenShift Origin V3- edge, passthrough and encrypt termination
- Openshift route is not accepting traffic yet because it has not been admitted by a router
- Securing the route on OPENSHIFT
- How to create re-encrypting route for hawkular-metrics in OpenShift Enterprise 3.2
- Configure multiple paths for an Openshift Route
- Create HTTPS-based Encrypted URLs Using Routes for Starter subscription
- openshift and let's encrypt certificates
- OpenShift with Comodo SSL
- HTTP Strict Transport Security on openshift