How to create Self Sign Certificate in HAA cluster?
- Login to the master node and execute the below commands. Make sure to have root privilege.
- openssl genrsa -out .pem 2048
Example to reg:
- openssl req -x509 -sha256 -new -nodes -key CAkey.pem -days 3650 -out CACert.pem
- There will be a prompt to fill the necessary details.
- Post having the certificate, update
- cd /opt/redislabs/bin
- rladmin cluster certificate set certificate_file .pem key_file .pem
Example:
./rladmin cluster certificate set cm certificate_file /root/cert/CACert.pem key_file /root/cert/CAkey.pem
Read more on Updating Certificates .
- Similarly apply same in other endpoints like proxy, syncer, metrics_exporter,api.
Example:
- ./rladmin cluster certificate set proxy certificate_file /root/cert/CACert.pem key_file /root/cert/CAkey.pem
- ./rladmin cluster certificate set syncer certificate_file /root/cert/CACert.pem key_file /root/cert/CAkey.pem
- ./rladmin cluster certificate set metrics_exporter certificate_file /root/cert/CACert.pem key_file /root/cert/CAkey.pem
- ./rladmin cluster certificate set api certificate_file /root/cert/CACert.pem key_file /root/cert/CAkey.pem
- To verify, login to the HAA UI portal. Go to Settings general tab, view the updated certificate.