openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
enterprise-4.21
openshift-docs/networking/configuring_network_settings/configuring-a-custom-pki.adoc
Steven Smith e1994996a9 Additional ADV updates to core net docs
2026-01-26 14:35:05 +00:00

30 lines
1.3 KiB
Plaintext
Raw Permalink Blame History

:_mod-docs-content-type: ASSEMBLY
[id="configuring-a-custom-pki"]
= Configuring a custom PKI
include::_attributes/common-attributes.adoc[]
:context: configuring-a-custom-pki
toc::[]
[role="_abstract"]
To ensure secure communication between internal components in your {product-title} cluster, you can add your organization's custom Certificate Authority (CA) certificates to the cluster-wide truststore.
You can add your custom CA certificates to the cluster-wide truststore in one of two ways:
* During cluster installation, by adding your CA certificate to the `install-config.yaml` file.
* On a running cluster, by creating a `ConfigMap` object that contains your CA certificate and referencing it in the cluster `Proxy` object.
[IMPORTANT]
====
The cluster Proxy object is the mechanism for managing the cluster-wide truststore. This guide focuses only on the task of adding a CA. If you also need to configure an egress proxy, refer to the "Configuring the cluster-wide proxy" chapter for detailed instructions.
====
include::modules/adding-a-custom-CA-during-cluster-installation.adoc[leveloffset=+1]
include::modules/adding-a-custom-CA-to-a-running-cluster.adoc[leveloffset=+1]
include::modules/verifying-the-custom-ca-configuration.adoc[leveloffset=+1]
include::modules/certificate-injection-using-operators.adoc[leveloffset=+1]
View Git Blame Copy Permalink