Server side SSL Certificate configuration

Owned by Manoj Kumar Srivastava
Last updated: Feb 28, 2023 by Raparthi Kalyan
1 min read

Default Certificate

After the UI appplication is up user's gets self signed certificate by default , if user want to use there private trusted SSL certificate follow this steps.

Prerequisites

  • DNS allocated to server .

  • Trusted SSL certificate and Key with <your_certificate_name>.crt & <your_certificate_key>.key files (.crt & .key extensions are only supported) and if its password protected copy the password in knowhow.pass file.

  • SSL certificate should have common name as DNS name and should be valid from date of upload .  

Steps to upload the Certificate to the server

  1. Upload the certificates on the KnowHow server .

  2. Copy the certificate to the ui container by the command 

    sudo docker cp /path/of/crt/<your_certificate_name.crt> ui:/etc/ssl/certs/knowhow.crt sudo docker cp /path/of/key/<your_certicate_name.key ui:/etc/ssl/certs/knowhow.key sudo docker cp /path/of/password/file/<knowhow.pass ui:/etc/ssl/certs/knowhow.pass (if your crt is password protected, else ignore ) sudo docker restart ui

FAQ

Possibilities of Error message.

  1. "Your connection is not private " even after uploading you certificate.
    Solutions:
    i. Could be you uploaded a self sign certificate.
    ii. You have not opened  the application using the DNS, which matches the common name(issued to) of your certificate.
    iii. DNS not matching with common name .
    iv. After upload of certificate you did not restarted ui container.

  2. ''no such file or directory" while executing the docker cp command
    Solution:
    i. Your certificate is not inside /tmp directory do mv <path_of_cert> /tmp

    ii. If you do not have execute rights over certificate do chmod +rwx <cert name>

© 2022 Publicis Sapient. All rights reserved.