From d423fedf39238bab91e4d08c417e4f29aaf3dc3f Mon Sep 17 00:00:00 2001 From: Aleix Quintana Alsius Date: Sun, 23 Apr 2023 17:54:38 +0000 Subject: [PATCH] Wildcard translation --- docs/wildcard.md | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 docs/wildcard.md diff --git a/docs/wildcard.md b/docs/wildcard.md new file mode 100644 index 0000000..d0955dc --- /dev/null +++ b/docs/wildcard.md @@ -0,0 +1,46 @@ +# Install of existing wildcard certificate + +First of all, stop the suite using: + +`/opt/src/DD# ./dd-ctl down` + +To make certificate compatible with DD, you need to merge the fullchain with the private key of the certificate, the best way of doing this is concatenating two files in a new one: + +`/tmp/certificatw# cat fullchain.pem cert.key > /opt/DD/src/haproxy/certs/chain.pem` + +The fullchain.pem file must contain all the certificate chain, cert.key is the private key, it needs to end up something like this: + +``` +> cat /opt/DD/src/haproxy/certs/chain.pem +-----BEGIN CERTIFICATE----- +YDC ... +... +... PnQP +-----END CERTIFICATE----- + +-----BEGIN CERTIFICATE----- +5dSf ... +... +... Hwgs +-----END CERTIFICATE----- + +-----BEGIN CERTIFICATE----- +sI3q ... +... +... vZas +-----END CERTIFICATE----- + +-----BEGIN RSA PRIVATE KEY----- +vzKJ ... +... +... 2dLs +-----END RSA PRIVATE KEY----- +``` + +Review the route where you created the new file chain.pem, it must be in /opt/DD/src/haproxy/certs + +Once this is done restart the suite: + +`/opt/src/DD# ./dd-ctl up` + +Domain certificate must work then. \ No newline at end of file