Setting a custom certificate
Tonic Structural provides a certificate for https traffic, but can also use a user-provided certificate. The certificate must use the the PFX format and be named tonic.pfx.
To use your own certificate, you must:
Add the
TONIC_PFX_PASSWORDenvironment setting.Use a volume mount to provide the certificate file. Structural uses volume mounting to give the Structural containers access to the certificate.
You must apply the changes to both the Structural web server and Structural worker containers.
Docker
To use your own certificate, you make the following changes to the docker-compose.yml file.
Environment setting
You must add the environment setting TONIC_PFX_PASSWORD, which contains the certificate password.
Volume mount
You place the certificate on the host machine, then share it to the containers as a volume.
You must map the certificate to /certificates on the containers.
Kubernetes
Environment setting
You must add the environment setting TONIC_PFX_PASSWORD, which contains the certificate password.
Volume mount
You can use any volume type that is allowed within your environment. It must provide at least ReadOnlyMany access.
You must map the certificate to /certificates on the containers. Within your web server and worker deployment YAML files, the entry should be similar to the following:
Last updated