This change supports a user-specified TLS/SSL certificate.
In solution.yaml, if common.ssl.external_certificate is specified, then a secret with the specified name is presumed to hold the certificate to be used by CORTX servers.
Requirements:
This secret must have the key "cortx.pem"
The contents of the field must be in PEM format, containing the Private Key and Certificate
By default common.ssl.external_secret is not specified. In this case a certificate is generated. (Technically, it is not generated at the time of deploy, but it uses a previously generated certificate that expires in about 10 years. It would be better to generate this certificate at deploy time, but this PR does not address this. It can be addressed in the future.)
Type of change
[ ] Bug fix (non-breaking change that fixes an issue)
[x] New feature (non-breaking change that adds new functionality)
[ ] Breaking change (bug fix or new feature that breaks existing functionality)
[ ] Third-party dependency update
[ ] Documentation additions or improvements
[ ] Code quality improvements to existing code or test additions/updates
Applicable issues
This change fixes an issue: CORTX-33018
CORTX image version requirements
N/A
How was this tested?
Tested with ssl.external_secret not specified
Tested with ssl.external secret set to cortx-ssl-cert (same as default name) and also as a different name.
Checklist
[x] The change is tested and works locally.
[ ] New or changed settings in the solution YAML are documented clearly in the README.md file.
Description
This change supports a user-specified TLS/SSL certificate.
In solution.yaml, if common.ssl.external_certificate is specified, then a secret with the specified name is presumed to hold the certificate to be used by CORTX servers.
Requirements:
By default common.ssl.external_secret is not specified. In this case a certificate is generated. (Technically, it is not generated at the time of deploy, but it uses a previously generated certificate that expires in about 10 years. It would be better to generate this certificate at deploy time, but this PR does not address this. It can be addressed in the future.)
Type of change
Applicable issues
CORTX image version requirements
N/A
How was this tested?
Checklist
If this change requires newer CORTX or third party image versions:
image
fields in solution.example.yaml have been updated to use the required versions.appVersion
field of the Helm chart has been updated to use the new CORTX version.If this change addresses a CORTX Jira issue:
CORTX-XXXXX:
)