[Community Edition] Default ssl certificate in haproxy not replaced by custom domain cert

[kfarr]

As a user following these instructions: https://hubs.mozilla.com/labs/community-edition-case-study-quick-start-on-gcp-w-aws-services/ I encounter a certificate error for my apex custom domain (such as 3dstreet.club) if I choose a name other than hcce for the cluster name.

I used the following workaround. Edit the YAML file manually after it is generated using bash render_hcce.sh and replace: line 1233 - --default-ssl-certificate=hubs-test-cluster/cert-hcce with - --default-ssl-certificate=hubs-test-cluster/cert-3dstreet.club

A more permanent change may be to fix the line in hcce.yam template to reflect the user's chosen domain name: Instead of: https://github.com/mozilla/hubs-cloud/blob/master/community-edition/hcce.yam#L1233 - --default-ssl-certificate=$Namespace/cert-hcce

Replace with: - --default-ssl-certificate=$Namespace/cert-$HUB_DOMAIN

[mikemorran]

Thank you @kfarr, I need to do some revamp on this document in the coming days and will include this updated information in there!

[mikemorran]

npm install pem-jwk -g

gcloud components install gke-gcloud-auth-plugin

^^^Some important commands as well

[mikemorran]

SEE HERE: https://github.com/mozilla/hubs-cloud/pull/323