EDUCATIC
/
digitaldemocratic
mirror of https://gitlab.com/digitaldemocratic/digitaldemocratic
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
digitaldemocratic/docs/wildcard.md

1.1 KiB
Raw Blame History

Install of existing wildcard certificate

First of all, stop the suite using:

/opt/src/DD# ./dd-ctl down

To make certificate compatible with DD, you need to merge the fullchain with the private key of the certificate, the best way of doing this is concatenating two files in a new one:

/tmp/certificatw# cat fullchain.pem cert.key > /opt/DD/src/haproxy/certs/chain.pem

The fullchain.pem file must contain all the certificate chain, cert.key is the private key, it needs to end up something like this:

> cat /opt/DD/src/haproxy/certs/chain.pem
-----BEGIN CERTIFICATE-----
YDC ...
...
... PnQP
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
5dSf ...
...
... Hwgs
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
sI3q ...
...
... vZas
-----END CERTIFICATE-----

-----BEGIN RSA PRIVATE KEY-----
vzKJ ...
...
... 2dLs
-----END RSA PRIVATE KEY-----

Review the route where you created the new file chain.pem, it must be in /opt/DD/src/haproxy/certs

Once this is done restart the suite:

/opt/src/DD# ./dd-ctl up

Domain certificate must work then.