openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-07 00:48:01 +01:00
Code Issues Releases Activity
Files
b861fb8d1fe02da170cbb977e5f74d9d1d76384c
openshift-docs/modules/mirror-registry-ssl-cert-replace.adoc
Steven b9dea0a791 Updates link in OMR docs
2024-04-03 18:08:16 +00:00

63 lines
2.2 KiB
Plaintext
Raw Blame History

// module included in the following assembly:
//
// * installing/disconnected_install/installing-mirroring-creating-registry.adoc
:_mod-docs-content-type: PROCEDURE
[id="mirror-registry-ssl-cert-replace_{context}"]
= Replacing mirror registry for Red Hat OpenShift SSL/TLS certificates
In some cases, you might want to update your SSL/TLS certificates for the _mirror registry for Red Hat OpenShift_. This is useful in the following scenarios:
* If you are replacing the current _mirror registry for Red Hat OpenShift_ certificate.
* If you are using the same certificate as the previous _mirror registry for Red Hat OpenShift_ installation.
* If you are periodically updating the _mirror registry for Red Hat OpenShift_ certificate.
Use the following procedure to replace _mirror registry for Red Hat OpenShift_ SSL/TLS certificates.
.Prerequisites
* You have downloaded the `./mirror-registry` binary from the link:https://console.redhat.com/openshift/downloads#tool-mirror-registry[OpenShift console *Downloads*] page.
.Procedure
. Enter the following command to install the _mirror registry for Red Hat OpenShift_:
+
[source,terminal]
----
$ ./mirror-registry install \
--quayHostname <host_example_com> \
--quayRoot <example_directory_name>
----
+
This installs the _mirror registry for Red Hat OpenShift_ to the `$HOME/quay-install` directory.
. Prepare a new certificate authority (CA) bundle and generate new `ssl.key` and `ssl.crt` key files. For more information, see link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/manage_red_hat_quay/using-ssl-to-protect-quay/[Using SSL/TLS to protect connections to {quay}].
. Assign `/$HOME/quay-install` an environment variable, for example, `QUAY`, by entering the following command:
+
[source,terminal]
----
$ export QUAY=/$HOME/quay-install
----
. Copy the new `ssl.crt` file to the `/$HOME/quay-install` directory by entering the following command:
+
[source,terminal]
----
$ cp ~/ssl.crt $QUAY/quay-config
----
. Copy the new `ssl.key` file to the `/$HOME/quay-install` directory by entering the following command:
+
[source,terminal]
----
$ cp ~/ssl.key $QUAY/quay-config
----
. Restart the `quay-app` application pod by entering the following command:
+
[source,terminal]
----
$ systemctl restart quay-app
----
View Git Blame Copy Permalink