Enabling TLS for the Mongo database on Kubernetes
Ensure that you have read the Setting up TLS for the Mongo database topic. Verify if you have a valid TLS certificate. See Creating a truststore with a third-party certificate for the details.
-
Configure the Sametime server to use TLS.
-
Create a secret with your certificate.
kubectl create secret generic mongo-secret --from-file=<ca.crt>
-
Open the values.yaml file in edit mode.
-
Add the following secret.
mongoSecret: mongo-secret
-
Save the changes.
-
Apply your changes to the environment.
Verify that you are in the helm directory and run the following command to apply changes. Specify the Sametime deployment name for your environment. The default for Sametime Premium version 12 is sametime.
helm upgrade sametime\_deployment\_name .
Note: Be sure to include the dot at the end. It is part of the command.
If you are unsure of your deployment name, issue the helm list command to find the name. If you upgraded from an earlier Sametime release, the default name is sametime-meetings.
-
Restart the pods with the changes. Use the kubectl scale command to scale the pods to zero and then to one that have been changed. You must run the commands for each pod that the change affects.
-
Run the following command to scale the pod to zero.
Scale the pod to zero, where pod_deployment_name is the pod name.
kubectl scale deploy pod\_deployment\_name --replicas=0
-
Run the following command to scale the pod to one.
kubectl scale deploy pod\_deployment\_name --replicas=1
-
Parent Topic: Setting up TLS for the Mongo database