Closed stoeps13 closed 1 year ago
I don't believe we import/re-import the HAProxy cert to the Dmgr trust store, only the NGINX and IHS ones as part of the connections-post-install.yml
playbook. Was this playbook run as the end of the deployment?
Hi, yes, you're right, the nginx certificate is not deleted.
My last command is the playbook setup-component-pack-complete-harbor.yml which recreated the nginx certs and in the end restart Websphere, but does not import SSL certs.
So I add the role you mentioned there. Thanks
Solved, when rerunning the post install role
Since the update to Connections 8 the SSL certificate of HAProxy is not imported to Dmgr SSL certificate trust store!
Without this import, Connections is not loading at all. This is quite painful because HAProxy certificate gets regenerated on each CP playbook run, I would ask for checking if the certificate is valid for more than 90 days and then just keep the used SSL keys.