If you want to configure your OPL installation to use CA certificates, you will need to the following:
- Follow the same process for installing a ship, but stop once you have generated the docker run command.
- NOTE: You can implement both a proxy and CA certificates with your OPL installation. You can review the steps for the proxy set up here. You can stop at the point where you add the variables for the proxy before adding the steps for the CA certificate setup.
- Create a custom CA bundle for the following sites (i.e. /path/to/custom-ca.crt):
- APM URL (if applicable)
- Copy the docker run command and add the following environment variables and volume to the docker run command (NOTE: The bold portion below is the only part that can change):
- The full docker run command will look like the following:
docker run -d -e REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt -e AWS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt --env HARBOR_ID=<Harbor ID> --env SHIP_ID=<Ship ID> --env AUTH_TOKEN=<Auth Token> --env AUTO_UPDATE=true --env DISTRIBUTION=stable --name=blazemeter-crane --restart=on-failure -v /path/to/custom-ca.crt:/etc/ssl/certs/ca-certificates.crt -v /var/run/docker.sock:/var/run/docker.sock -v /tmp:/tmp --net=host blazemeter/crane python agent/agent.py
- Once you have added the extra variables (if you have a proxy setup as well, you will need to have those variables included as well), copy the edited command and run it on the machine you are installing your ship on, and follow the final steps of the ship install to complete the installation.