How to Add a SSL Certificate to a Load Balancer
To terminate HTTPS at the load balancer, you must provide a valid SSL certificate to our secrets store.
Advanced Setup: Currently, uploads to the secrets store are via CLI and are not using the GUI.
Uploading the SSL Certificate
Locate and have your TLS certificate handy
Certificates should be stored in the PKCS#12 format in our cloud. To convert a certificate to PKCS#12 please use the following command:
openssl pkcs12 -export -inkey mycert.key -in mycert.crt -passout pass: -out cert.p12
Once the certificate is exported into the PKCS#12 format, it can be added to the secret store using the following command:
openstack secret store --name='my_tls_secret' -t 'application/octet-stream' -e 'base64' --payload="$(base64 < cert.p12)"
Allow the admin user access to the secret:
openstack secret list
Copy the Secret href of the secret you want to allow the admin user to access.
openstack acl user add --user admin <secret href>
Now, you can use the secret when deploying a TLS terminated load balancer.