Dynamic SSL certificates using LetsEncrypt on OpenShift

This post was originally published on the ETI blog here.

Managing SSL certificates in OpenShift can be a bit of a chore, especially when you have more than a few routes to manage. Having an automated mechanism to manage this helps with the operational overhead, and in this example LetsEncrypt is the weapon of choice.

You could quite conveniently use a wild card certificate to cover most of your routes but that doesn’t cover every use case that you might have, especially when you manage multiple domains. Consider also that wildcard certificates are deprecated[1] in favour of tooling that can provide programmatic access to easily create and renew SSL certificates on demand. There are a bunch of advantages (and disadvantages) to this and a tonne of articles out there, already covering the nuts and bolts of that topic, so I’m going to skip over that and instead share my experience deploying and using LetsEncrypt on OpenShift.

LetsEncrypt has been around for a while now and has been adopted into many environments so I thought it is about time that I shared how I have applied Lets Encrypt to solve my problem managing certificates across multiple domains on my OpenShift cluster.

Continue reading “Dynamic SSL certificates using LetsEncrypt on OpenShift”

Hey Tate: Step by step securing OpenShift and routes with SSL certificates for development

I created this series of videos to show how to first, purchase a domain name for cheap, to use for valid SSL certificates and URLs for all your applications. I do this for learning and developing applications, not just for deploying to production. Then I show how to generate a free SSL certificate for secure, verified https connections to your sites. Then I show you how to run OpenShift locally, from the ground up, with SSL certificates for the web console, and all routes.

Continue reading “Hey Tate: Step by step securing OpenShift and routes with SSL certificates for development”