Obtaining the Cluster Control Manager CA certificate

Last Updated : Sep 28, 2021 |

About this task

You must obtain the Cluster Control Manager (CCM) CA certificate and install the certificate into the Windows trust store.

Before you begin

  • Get your CCM FQDN.

  • Ensure that the CCM local Docker registry and ChartMuseum are running.

  • Ensure that you have the local admin Windows user rights.

Procedure

  1. Connect to your air gap network using your Windows PC or client laptop.
  2. Using a browser, navigate to the CCM docker registry listening on port 5010 at https://<ccm_fqdn.com>:5010/, where <ccm_fqdn> is the FQDN of your CCM.
  3. If you do not see a Certificate error message, skip the remaining steps.
  4. If you see a Certificate error message, do the following:
    1. Click the Certificate error message.
    2. Click View Certificate.
    3. Click Export to file.
    4. Save the exported certificate.
  5. On your taskbar, click the search icon, and type Manage computer certificates.
  6. Click the Manage computer certificates control panel.
  7. In Certificates-Local Computer, click Trusted Root Certification.

    The right-pane displays the Certificates folder.

  8. Right-click Certificates.

    Windows displays the Certificate Import Wizard window.

  9. Click All Tasks > Import.
  10. On the Certificate Import Wizard page, select Local Machine and click Next.
  11. Click Browse.
  12. To import the Docker registry certificate that was exported earlier, select the file, and click Open.
  13. Click Next.
  14. Select the Place all certificates in the following store check box.
  15. Ensure that in the Certificate store field, the specified location is Trusted Root Certification Authorities.
  16. Click Next.
  17. On the Completing the Certificate Import Wizard page, verify that the settings that you have selected are correct, and click Finish.

    The Certificate Import Wizard page displays the following message:

    The import was successful

  18. In the Windows icon tray, click the Docker whale icon and click Restart.
  19. Verify that the connection is successful with CCM local Docker registry. Run the following commands within the ccm-ctl-agn deployed container:
    1. To log in, run: docker login < ccm fqdn >:5010
    2. When prompted, enter the Username and Password of the CCM local Docker registry
    3. To log out, run: docker logout < ccm fqdn >:5010

    Log in and log out operations are successful.