Skip to main content
Version: 3.1

certs

Sometimes you need to store an SSL certificate as a Kubernetes secret. This document walks through an example of how to secure a third-party S3-compatible objectstore for use with Portworx.

Provide the secret to Portworx

Based on your Portworx installation type, provide the secret to Portworx by performing the steps in one of the following sections.

Portworx Operator

Update the Portworx StorageCluster to mount the secret and the environment variable:

  spec:
volumes:
- name: objectstore-cert
mountPath: /etc/pwx/objectstore-cert
secret:
secretName: px-s3-certs
items:
- key: public.crt
path: public.crt
env:
- name: "AWS_CA_BUNDLE"
value: "/etc/pwx/objectstore-cert/public.crt"

After saving the modified StorageCluster, Portworx will restart in a rolling update.

Was this page helpful?