Skip to main content

Setup custom SSL Certificates and Keys

If you're using AHD Commons with AHD VM, you'll use Traefik's self-signed certificates by default.

To setup a signed SSL certificate, you need to:

  • Have an hostname that resolves to AHD VM
  • Have the SSL key and certificate relative to the hostname

To begin, convert the SSL key and certificate to base64. If you have access to a linux terminal, you can use this command:

cat ./self-signed.crt | base64 -w 0
cat ./self-signed.key | base64 -w 0

Once you have copied the base64 encoded certificate and key, update the AHD Commons configs:

# -- traefik TLS ingress
traefik:
  tls:
    # base64 of certificate
    crt: "LS0tLS1CRUd..."
    # base64 of key
    key: "LS0tLS1CRUd..."

(optional) Preview the changes:

helm diff upgrade commons smartkit/commons --values commons-values.yaml

Apply the changes:

helm upgrade commons smartkit/commons --values commons-values.yaml

Once the upgrade is done, update the AHD applications to use the newly configured hostname.

i.e. configure Webup to use the new hostname:

webup:
  ingress:
    ssl:
      hostname: your-hostname.example.com