24 lines
1.2 KiB
Plaintext
24 lines
1.2 KiB
Plaintext
|
||
|
||
|
||
[[ modify elphdt ]]
|
||
|
||
From what I am seeing it appears as though the directory “/certs” is mounted from the NAS. I will need to add the new certificates to the NAS and they will be accessed from the “/certs” directory.
|
||
|
||
I will generate a new certificate chain with the PKI Bootstrap applicaiton. I will copy the new “CA Intermediate package” to this location:
|
||
/certs/cai/09-2018/
|
||
It will contain the CA Intermediates and the server certificates.
|
||
|
||
|
||
Looking at elphdt, there is a file .gitlab-ci.yml: this file contains the “CI/CD configuration”. In the file the there are two global variables that are significant:
|
||
|
||
GITLAB_CI_CERTIFICATE_DIRECTORY_CA_PREFIX: ‘/certs/acme.xyz/CA/ACME_06-2018_ca'
|
||
GITLAB_CI_CERTIFICATE_DIRECTORY_SERVER: ‘/certs/acme.xyz/servers/192.168.2.1_2018-06-13.10_11_38'
|
||
|
||
I will modify these variables to point to the new locations (this can be done for each build type):
|
||
GITLAB_CI_CERTIFICATE_DIRECTORY_CA_PREFIX: ‘/certs/acme.xyz/CA/ACME_06-2018_ca'
|
||
GITLAB_CI_CERTIFICATE_DIRECTORY_SERVER: ‘/certs/acme.xyz/servers/192.168.2.1_2018-06-13.10_11_38'
|
||
|
||
This solution will work fine for now. And in the future we can worry about generating a new server certificate for each MOB Hub.
|
||
|