SecurityRiskAdvisors / VECTR

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios

Installing SSL Artifacts/CA-certs #173

Closed korede-ola closed 2 years ago

korede-ola commented 2 years ago

Going by the recommendations of Using an existing set of CA-Certificates per https://docs.vectr.io/SSL_Certificates/#installing-ssl-artifacts, the generated certs don't appear to apply to the hostnames, resulting in an ERR_CONNECTION_REFUSED or NET::ERR_CERT_COMMON_NAME_INVALID.

The documents mentioned placing both ssl.crt & ssl.key in the directory /user/certs which does not exist after the default install.

For RHEL installs, shouldn't a copy of the certs also be present in default Linux directories like /etc/pki/ca-trust/extracted/pem? Also, if /opt/vectr is the VECTR install path, will /user/certs in this case be /home/user/certs or /opt/vectr/user/certs?

SRAPSpencer commented 2 years ago

The deploy directory is whichever directory you run the docker-compose from.

Referencing the docker-compose.yml, the mapping for certs is here:

`vectr-tomcat: volumes:`

Meaning any directory tree present in the ./user directory where the docker-compose is run from will exist in the container.

The recommended troubleshooting is as follows.

  1. Are the certificates in the correct directory?
  2. Are the file names correct?
  3. Are they in the PEM format?
  4. Did you restart the containers? The instance will not pick them up on the fly; you must do a docker-compose down/up.
  5. Does the certificate match the hostname set in the .env file?
  6. Are the file permissions correct? The VECTR user inside the container uses a UID/GID of 10001/10001. If the container user can't access this file, it will fail and generate its own.

If you work through that list and are still having issues, let me know and we can discuss.
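The checklist above can be run as a pre-flight script before restarting the containers. This is an added example, not part of the original thread or the VECTR project; it assumes GNU or busybox `stat` and an `openssl` binary on the Docker host, takes the certs directory and the hostname as arguments, and its function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight checks for the ssl.crt / ssl.key files named in the thread.
VECTR_UID=10001   # UID and GID of the VECTR user inside the container (from the thread)
VECTR_GID=10001

# PEM files are text with BEGIN markers; DER or PKCS#12 input will not have them.
is_pem_cert() { grep -q -- '-----BEGIN CERTIFICATE-----' "$1"; }
is_pem_key()  { grep -q -- '-----BEGIN .*PRIVATE KEY-----' "$1"; }

# Apply POSIX owner/group/other rules for UID/GID 10001 (GNU or busybox stat assumed).
readable_by_vectr() {
    st=$(stat -c '%u %g %a' "$1") || return 1
    set -- $st
    bits=$((0$3))   # octal mode string, e.g. 640
    if   [ "$1" -eq "$VECTR_UID" ]; then [ $((bits & 0400)) -ne 0 ]
    elif [ "$2" -eq "$VECTR_GID" ]; then [ $((bits & 0040)) -ne 0 ]
    else                                 [ $((bits & 0004)) -ne 0 ]
    fi
}

# True when the certificate's SAN/CN covers the hostname (openssl 1.0.2 or later).
cert_matches_host() {
    openssl x509 -in "$1" -noout -checkhost "$2" 2>/dev/null | grep -q 'does match'
}

# Run all checks; prints one line per problem and returns the number of problems.
check_vectr_certs() {
    dir=$1; host=$2; fails=0
    for f in ssl.crt ssl.key; do
        if [ ! -f "$dir/$f" ]; then
            echo "FAIL: $dir/$f not found"; fails=$((fails + 1)); continue
        fi
        case $f in
            *.crt) is_pem_cert "$dir/$f" ;;
            *)     is_pem_key "$dir/$f" ;;
        esac || { echo "FAIL: $f is not PEM"; fails=$((fails + 1)); }
        readable_by_vectr "$dir/$f" ||
            { echo "FAIL: $f not readable by UID/GID 10001"; fails=$((fails + 1)); }
    done
    if [ -f "$dir/ssl.crt" ] && ! cert_matches_host "$dir/ssl.crt" "$host"; then
        echo "FAIL: ssl.crt does not match $host"; fails=$((fails + 1))
    fi
    return "$fails"
}

# Usage: sh check_certs.sh ./user/certs <hostname from .env>
if [ "$#" -eq 2 ]; then check_vectr_certs "$1" "$2"; fi
```

Giving the files to 10001:10001 with mode 600 satisfies the permission check without leaving the private key readable by other local users.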

SRAPSpencer commented 2 years ago

Stale, closing issue. @oakey1 you may reopen if you still need assistance.