46 lines
1.1 KiB
Markdown
46 lines
1.1 KiB
Markdown
|
# Install of existing wildcard certificate
|
||
|
|
|
||
|
|
First of all, stop the suite using:
|
||
|
|
|
||
|
|
`/opt/src/DD# ./dd-ctl down`
|
||
|
|
|
||
|
|
To make certificate compatible with DD, you need to merge the fullchain with the private key of the certificate, the best way of doing this is concatenating two files in a new one:
|
||
|
|
|
||
|
|
`/tmp/certificatw# cat fullchain.pem cert.key > /opt/DD/src/haproxy/certs/chain.pem`
|
||
|
|
|
||
|
|
The fullchain.pem file must contain all the certificate chain, cert.key is the private key, it needs to end up something like this:
|
||
|
|
|
||
|
|
```
|
||
|
|
> cat /opt/DD/src/haproxy/certs/chain.pem
|
||
|
|
-----BEGIN CERTIFICATE-----
|
||
|
|
YDC ...
|
||
|
|
...
|
||
|
|
... PnQP
|
||
|
|
-----END CERTIFICATE-----
|
||
|
|
|
||
|
|
-----BEGIN CERTIFICATE-----
|
||
|
|
5dSf ...
|
||
|
|
...
|
||
|
|
... Hwgs
|
||
|
|
-----END CERTIFICATE-----
|
||
|
|
|
||
|
|
-----BEGIN CERTIFICATE-----
|
||
|
|
sI3q ...
|
||
|
|
...
|
||
|
|
... vZas
|
||
|
|
-----END CERTIFICATE-----
|
||
|
|
|
||
|
|
-----BEGIN RSA PRIVATE KEY-----
|
||
|
|
vzKJ ...
|
||
|
|
...
|
||
|
|
... 2dLs
|
||
|
|
-----END RSA PRIVATE KEY-----
|
||
|
|
```
|
||
|
|
|
||
|
|
Review the route where you created the new file chain.pem, it must be in /opt/DD/src/haproxy/certs
|
||
|
|
|
||
|
|
Once this is done restart the suite:
|
||
|
|
|
||
|
|
`/opt/src/DD# ./dd-ctl up`
|
||
|
|
|
||
|
|
Domain certificate must work then.
|