How to Add a SSL Certificate to a Load Balancer

To terminate HTTPS at the load balancer, you must provide a valid SSL certificate to our secrets store.

Advanced Setup: Currently, uploads to the secrets store are via CLI and are not using the GUI.

Uploading the SSL Certificate

Locate and have your TLS certificate handy

Certificates should be stored in the PKCS#12 format in our cloud. To convert a certificate to PKCS#12 please use the following command:

openssl pkcs12 -export -inkey mycert.key -in mycert.crt  -passout pass: -out cert.p12

Once the certificate is exported into the PKCS#12 format, it can be added to the secret store using the following command:

openstack secret store --name='my_tls_secret' -t 'application/octet-stream' -e 'base64' --payload="$(base64 < cert.p12)"

Allow the admin user access to the secret:

openstack secret list

Copy the Secret href of the secret you want to allow the admin user to access.

openstack acl user add --user admin <secret href>

Now, you can use the secret when deploying a TLS terminated load balancer.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us