This PR addresses the omission of the self-signed certificate in the Helm distribution. It also modifies the convert-to-p12.sh to include the full chain of certificates when the ca.crt is available, which is the case for our self-signed certificates.
In addition, this PR improves the server's security by moving the EdgePort configuration to a secret, instead of using configmaps, given that the file contains sensitive information.
Type of change
[x] Bug fix (non-breaking change which fixes an issue)
[ ] New feature (non-breaking change which adds functionality)
[ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
[x] This change requires a documentation update
How Has This Been Tested?
I ran the Helm chart on my local k8s to ensure that the certificates function correctly when tls is enabled. I tested this setup using Blink Pro, and the client registered perfectly.
Checklist:
[x] I have performed a self-review of my code
[x] I have commented my code, particularly in hard-to-understand areas
[x] I have made corresponding changes to the documentation
[x] My changes generate no new warnings
[ ] I have added tests that prove my fix is effective or that my feature works
[x] New and existing unit tests pass locally with my changes
[x] Any dependent changes have been merged and published in downstream modules
Description
This PR addresses the omission of the self-signed certificate in the Helm distribution. It also modifies the
convert-to-p12.sh
to include the full chain of certificates when theca.crt
is available, which is the case for our self-signed certificates.In addition, this PR improves the server's security by moving the EdgePort configuration to a secret, instead of using configmaps, given that the file contains sensitive information.
Type of change
How Has This Been Tested?
I ran the Helm chart on my local k8s to ensure that the certificates function correctly when tls is enabled. I tested this setup using Blink Pro, and the client registered perfectly.
Checklist: