Replace default SSL certificates | Nutanix Community
Skip to main content
Question

Replace default SSL certificates

S
Forum|alt.badge.img

Hello, 

Is it possible to replace the default SSL certificate of the X-Ray “appliance”, I didn’t find a procedure for that ?

 

Thank you in advance (hoping this is the correct place to get help on this)

PhS

    This topic has been closed for comments

    6 replies

    R
    Nutanix Employee
    Forum|alt.badge.img
    • RajeshBNutanix Employee
    • Nutanix Employee
    • 5 replies
    • April 15, 2024

    To install the custom certs into the X-Ray VM, please follow the these steps

    1. Login into the X-Ray VM via ssh.
    2. Run the reinstall_k3s.sh script with the following params PemFilePath, SSLPrivatekeyFilePath and DomainName. 

          

         PemFilePath - it is the path of the pem file location(combined file of server public cert, root CA, intermediate CA)

         SSLPrivatekeyFilePath - It is the path of the private key file location

         DomainName  - DomainName or common name of the server

     

        eg:

        ./reinstall_k3s.sh PemFilePath=/home/nutanix/test.pem SSLPrivatekeyFilePath=/home/nutanix/test.key DomainName=www.server.com

     

    After successfully running this script, it will restart the X-Ray VM with the custom cert being provided.

    S
    Forum|alt.badge.img
    • simonph
    • Author
    • Adventurer
    • 4 replies
    • April 15, 2024

    Thank you very much for your attention to this 

    this is the output I get from running this command 

    so we are missing ‘helm’ ...

    S
    Forum|alt.badge.img
    • simonph
    • Author
    • Adventurer
    • 4 replies
    • April 16, 2024

    Strange because helm and k3s are available … sorry, I have very little knowledge with all this 

     

    J

         1. Log on to the X-Ray VM as a Root user.

         2. cd /home/nutanix/

         3. Run the reinstall_k3s.sh script with the following params PemFilePath, SSLPrivatekeyFilePath and DomainName. 

          

         PemFilePath - it is the path of the pem file location(combined file of server public cert, root CA, intermediate CA)

         SSLPrivatekeyFilePath - It is the path of the private key file location

         DomainName  - DomainName or common name of the server

     

        eg:

        ./reinstall_k3s.sh PemFilePath=/home/nutanix/test.pem SSLPrivatekeyFilePath=/home/nutanix/test.key DomainName=www.server.com



    Note : It is recommended to export the important results, comparisons, and custom tests from X-Ray and import them after the reinstall succeeds. Take a snapshot of the X-Ray VM before you begin reinstall. In case of errors, you can quickly fix the environment by restoring the snapshot to have a working environment. Kindly note that the test scenarios will need to be manually exported before applying the below steps and needs to be manually imported after applying the below steps.

    S
    1 person likes this
    • S
      simonph
    S
    Forum|alt.badge.img
    • simonph
    • Author
    • Adventurer
    • 4 replies
    • April 17, 2024

    As root it works better … but it does not end well neither

     

     

    S
    Forum|alt.badge.img
    • simonph
    • Author
    • Adventurer
    • 4 replies
    • April 19, 2024

    Found the issue.

    My instance need to be configured with Proxy .

     

    Thank to all for your help 

    Terms & Conditions