Closed guptaavi closed 5 years ago
We have created an issue in Pivotal Tracker to manage this. Unfortunately, the Pivotal Tracker project is private so you may be unable to view the contents of the story.
The labels on this github issue will be updated when the story is started.
@guptaavi The process is fairly involved and requires understanding of the BOSH ecosystem.
If you'd like to append a certificate to the certificate store inside of the application container, the canonical way to modify the cflinuxfs3-rootfs.trusted_certs
property of the cflinuxfs3-rootfs-setup
job in the Cloud Foundry manifest. You could perform the operation in the following way:
$ cf dev bosh env | Invoke-Expression # Login to BOSH
$ bosh deployments # Find the deployment name of CF (should look like 'cf-123abd....')
$ bosh -d <cf-deployment-name> manifest > cf.yml # Output the configuration to a new file 'cf.yml'
# insert the contents of the appended ca.crt file to cflinuxfs3-rootfs.trusted_certs
$ bosh -d <cf-deployment-name> deploy cf.yml
For more information on the process you can look here: https://docs.cloudfoundry.org/running/trusted-system-certificates.html. For more information on BOSH you can look here: https://bosh.io/docs/
@aemengo Thank you so much for the tips. It worked! Finally I can start using PCFDev :) Just one more question...is there any way to make this permanent? Or will I have to perform these steps every time I do a cf dev start/stop? Thank you!
@guptaavi Unfortunately, there's no way to make this permanent. You will have to perform these steps every time you do a cf dev start/stop? This is by design to allow users to return back to a "working" state no matter how much experimentation has been done, as was done in your case.
Running PCFDev 1.2.0 on Windows 10 under Hyper-V.
Able to start successfully and login. However, the app manager is not running.
I verified using 'cf a' but the apps-manager-js-green app is in the 'stopped' state.
Looking at the logs, I see the following error:
This error only happens if I am logged into our corporate network. If I disconnect from the company network then everything works fine.
Where do I add my firewall certificate files (.pem, .crt) to get rid of this error? I tried adding them to the Hyper-V VM under /usr/share/ca-certificates but this error still shows up.
Any help would be appreciated.
Thanks!