Manual TLS Certificates
- By Canonical Telco
| Channel | Revision | Published | Runs on |
|---|---|---|---|
| latest/stable | 78 | 07 Mar 2024 | |
| latest/candidate | 78 | 07 Mar 2024 | |
| latest/beta | 78 | 07 Mar 2024 | |
| latest/edge | 98 | 06 May 2024 |
juju deploy manual-tls-certificates --channel candidate
Deploy universal operators easily with Juju, the Universal Operator Lifecycle Manager.
Platform:
22.04
Provide Certificates
1. Deploy Manual TLS Certificates
juju deploy manual-tls-certificates
Relate it to the charm requiring TLS Certificates:
juju relate manual-tls-certificates <your-charm>
2. Retrieve the certificate signing request
Retrieve all certificate signing requests that don’t have certificates already provided:
juju run manual-tls-certificates/leader get-outstanding-certificate-requests
For the specific relation ID associated to your charm, retrieve the certificate signing request:
juju run manual-tls-certificates/leader get-certificate-request relation-id=<id>
The output of this action is the certificate signing request, use it to obtain a signed TLS Certificate.
3. Provide the certificate
Once you have the certificate signed, provide it to the requiring charm using this action:
juju run manual-tls-certificates/leader provide-certificate \
relation-id=<id> \
certificate="$(base64 -w0 certificate.pem)" \
ca-chain="$(base64 -w0 ca_chain.pem)" \
ca-certificate="$(base64 -w0 ca_certificate.pem)" \
certificate-signing-request="$(base64 -w0 csr.pem)" \
unit-name="<unit-name>"
At this point the certificate is available for the requirer unit which requested it.