Sysdig will deprecate support for Replicated installs in the coming months. If you are a new customer considering installing with Replicated, please contact Sysdig support.
These configurations are optional.
Replace a Self-Signed Cert with Custom Cert
This process differs depending on how you installed the Sysdig Platform.
For Kubernetes Installer Installs
If you installed the Sysdig Platform on Kubernetes or OpenShift using the Installer, the Installer automatically generates a self-signed cert on the fly. To use a different certificate you would:
Add your cert and key to the /certs directory ex: (server.crt, server.key)
sysdig: certificate: crt: certs/server.crt key: certs/server.key
Rerun the Installer.
gives full details on
For Kubernetes Manual Installs
If you installed the Sysdig Platform manually on Kubernetes or OpenShift, the steps for managing the certs are described in Step 5 of the installation procedures:
For Replicated Installs
If you installed the Sysdig Platform using Replicated and you accepted the self-signed certificate for SSL/TLS communication when installing the Sysdig components (see Define Basic Settings & License Info ), you can exchange for a custom certificate as follows:
Log in to the Replicated Management Console and select the
Gear icon > Console Settings.
Upload certificateand it will automatically replace the original self-signed certificate.
Optional: Custom Self-Signed Certificat
Sysdig Monitor/Cloud/etc uses a self-signed SSL/TLS security certificate, unless a custom certificate is provided.
The example command below creates a custom, unsigned certificate called
MyCert.pem; the certificate has a private key called
is valid for five years:
sudo openssl req -new -x509 -sha256 -days 1825 -nodes -out ./MyCert.pem -keyout ./MyCert.key