...
| Warning |
|---|
Do not send the resulting private key file |
Create CSR
Option a)
Update "-subj" parameter in the command below according to you server and organisation.
...
| Code Block |
|---|
openssl req -new -key platform.key -sha256 -subj "/C=DE/ST=Hamburg/O=Lobaro GmbH/CN=backendup.lobaro.decom" -out "platform.csr" |
Verify your request with:
| Code Block |
|---|
openssl req -text -noout -in platform.csr -text |
Request Certificate from Lobaro
Send the generated CSR file (platform.csr) to support@lobaro.de to receive a valid certificate for your Server.
...
Install the signed Certificate in the Platform
...
Add or update the following keys in the Platform configuration file:
| Code Block |
|---|
server:
dtlsConfig:
dtlsCertDir: "./config" # This way the configuration directory is used to lookup the key and cert.
dtlsCertName: "platform" # Used to lookup "platform.crt" and "platform.key"
featureToggle:
dtlsSecureCoapServiceEnabled: true # removed in > v1.59.1 |
| Warning |
|---|
We recommend to do no backup of the If you need to backup the key file make sure the backup is encrypted in a secure way. |
In case you choose another location than "./config" the docker-compose.yml must be updated to mount the dtlsCertDir:
| Code Block |
|---|
services:
lobaro-backend:
volumes:
- </host/path/to/cert-dir>:<dtlsCertDir> |
To apply the Configuration restart the Platfrom:
| Code Block |
|---|
docker restart platform_lobaro-backend_1 |
| Note | ||
|---|---|---|
In case the commands fails with e.g. Execute
You should find the container that is running the platform. The restart command can be issued with the |