Installation Instructions for the Keystone Certificate Patch
The keystone certificate for on-premises deployments expires on April 24, 2022. After the certificate expires, SSO and other CSO functionality might be impacted. You must install the patch to renew the keystone certificate. You can install the patch either before or after the certificate expiry date. CSO functions normally after the certificate is renewed.
To install the patch:
- Download the General_OnPrem_CSO_Cert_6.1_Patch_2022.tgz patch installer package from the CSO Downloads page to the startupserver1 VM:
- Log in to the startupserver1 VM as root.
- On the startupserver1 VM, create the folder 6.1_cert_patch
and extract the installer package.
root@host:~/# mkdir 6.1_cert_patch
root@host:~/# cd 6.1_cert_patch
root@host:~/6.1_cert_patch# tar –xvzf General_OnPrem_CSO_Cert_6.1_Patch_2022.tgz
The contents of the installer package are extracted in a directory with the same name as the installer package.
- Install the certificate patch:
Navigate to the
root@host:~/6.1_cert_patch# cd General_OnPrem_CSO_Cert_6.1_Patch_2022.tgz
Run the ./jkeystone_crts_update.sh script.
- Navigate to the CSO directory and run the components_health.sh script to check the status of infrastructure components: