Skip to main content
Skip table of contents

Replace HTTPS certificate for DCT

By default, to enable HTTPS, DCT creates a unique self-signed certificate when starting for the first time. This certificate and private key are configured in the values.yaml file under:

NONE
proxy:
	crt:<certificate_value>
	key:<private_key_value>

To use your own certificates, these default values need to be replaced. They are Base64 encoded values of the certificate and key, respectively. 

  • To generate the Base64 encoded value of the certificate:
    cat my_cert_file.pem | base64 -w 0

  • To generate the Base64 encoded value of the key:
    cat my_private_key.key | base64 -w 0

Generating a new TLS certificate and private key could require the assistance of your Security or IT departments. A new key pair (public and private key) will need to be created, in addition to a certificate signing request (CSR) for that key pair. Your IT department should be able to determine the correct certificate authority (CA) to sign the CSR and produce the new certificate. The common name of the certificate should match the fully qualified domain name (FQDN) of the host, as well as the FQDN as a Subject Alternative Name (SAN).

  • After changing the crt and key values in values.yaml file. Run the HELM upgrade command:

    NONE
    helm upgrade -f values.yaml dct-services delphix-dct
  • After upgrading the helm chart, restart the proxy pod to pick the new certificates:

    NONE
    kubectl rollout restart deployment proxy -n dct-services
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.