Before installing DigiCert® On-premises Private CA, make sure your environments are configured properly and you have received a unique license key from your DigiCert account manager or other DigiCert representative.
Add a helm repository for your On-premises Private CA.
helm repo add your-repo-name https://repo.pkiplatform.digicert.com/chartrepo/dcone helm repo updateImportante
Replace
your-repo-namewith your own descriptive name for your helm repository.Generate a random string for the crypto master secret. For example, on Linux command line:
head -c 32 /dev/urandom | base64Create a
standalone-values.yamlfile in the root directory with this content:database: host: mariadb-mariadb.digicert-ca username: root #Your license key provided by DigiCert license: #Your host name host:Create the database for your On-premises Private CA.
mysql CREATE DATABASE digicert_ca;Deploy your On-premises Private CA.
Importante
Replace all instances of
your-repo-namewith the name you assigned in step 1.Create the Kubernetes namespace:
kubectl create namespace your-repo-nameAdd the database password secret and the crypto master secret generated in step 2:
kubectl create secret -n your-repo-name generic digicert-ca-secrets \ --from-literal=databasePassword=<your databasePassword> \ --from-literal=cryptoMasterSecret=<your cryptoMasterSecret>Install the On-premises Private CA application:
helm upgrade --install ca your-repo-name/certificate-authority-standalone --values standalone-values.yaml --namespace your-repo-name
Installation complete! DigiCert® On-premises Private CA is ready at https://<your domain>/.