Den Cowboy wrote on 07/20/16 15:03:
I read about the 3 types of secure routes:
- Edge : encrypts routing from outside till router
- Passthrough: encrypts routing from outside till pod
- Re-encrypt: encrpyts from outside till router and than reencrypts from
router till pod (internally)
I'm able to create such a routes using the webconsole (or cli).
But I don't really know what to do if I have an application which needs
to connect with these secure routes?
For example:
project test1 (ns)
1 pod which is hosting some API service
project test2 (ns)
1 pod which is hosting some website which needs to connect with the API
service.
When you start the pod in project2 you're able to give an ENV VAR which
will contain the path to your API service:
oc new-app -e URL="http://my-api.dev.all"; test1/app1
But when we have only a secure route to our API (so https)
And we will start the pod in project2 with:
oc new-app -e URL="https://my-api.dev.all"; test1/app1
What do we need to do to have a full communication? Do we need to add
the certificate(s) of our app1 somewhere for app2?
You need to have your CA certificate trusted in the client app. Or the
self signed certificate if you are using self-signed (non-recommended).
How to do may depend. If your API cert is issues by as official cert
issuer, then you may not have to do anything. Otherwise you need to
import the CA cert in app specific way to your app.
_______________________________________________
users mailing list
[email protected]
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
