TLS Certificates Operator
- Canonical Telco
| Channel | Revision | Published | Runs on |
|---|---|---|---|
| latest/stable | 22 | 14 Feb 2023 | |
| latest/candidate | 22 | 14 Feb 2023 | |
| latest/beta | 45 | 22 Sep 2023 | |
| latest/beta | 20 | 13 Feb 2023 | |
| latest/edge | 50 | 16 Oct 2023 | |
| latest/edge | 20 | 11 Jan 2023 | |
| legacy/stable | 22 | 03 Oct 2023 | |
| legacy/edge | 51 | 25 Jan 2024 |
juju deploy tls-certificates-operator --channel edge
Deploy universal operators easily with Juju, the Universal Operator Lifecycle Manager.
Platform:
22.04
20.04
Provide Certificates
1. Deploy Manual TLS Certificates
juju deploy manual-tls-certificates
Relate it to the charm requiring TLS Certificates:
juju relate manual-tls-certificates <your-charm>
2. Retrieve the certificate signing request
Retrieve all certificate signing requests that don’t have certificates already provided:
juju run manual-tls-certificates/leader get-outstanding-certificate-requests
For the specific relation ID associated to your charm, retrieve the certificate signing request:
juju run manual-tls-certificates/leader get-certificate-request relation-id=<id>
The output of this action is the certificate signing request, use it to obtain a signed TLS Certificate.
3. Provide the certificate
Once you have the certificate signed, provide it to the requiring charm using this action:
juju run manual-tls-certificates/leader provide-certificate \
relation-id=<id> \
certificate="$(base64 -w0 certificate.pem)" \
ca-chain="$(base64 -w0 ca_chain.pem)" \
ca-certificate="$(base64 -w0 ca_certificate.pem)" \
certificate-signing-request="$(base64 -w0 csr.pem)" \
unit-name="<unit-name>"
At this point the certificate is available for the requirer unit which requested it.