Before installing DigiCert® On-premises Private CA, make sure your environments are configured properly and you have received a unique license key from your DigiCert account manager or other DigiCert representative.
Add a helm repository for your On-premises Private CA.
helm repo add your-repo-name https://repo.pkiplatform.digicert.com/chartrepo/dcone helm repo update
Belangrijk
Replace
your-repo-name
with your own descriptive name for your helm repository.Generate a random string for the crypto master secret. For example, on Linux command line:
head -c 32 /dev/urandom | base64
Create a
standalone-values.yaml
file in the root directory with this content:database: host: mariadb-mariadb.digicert-ca username: root #Your license key provided by DigiCert license: #Your host name host:
Create the database for your On-premises Private CA.
mysql CREATE DATABASE digicert_ca;
Deploy your On-premises Private CA.
Belangrijk
Replace all instances of
your-repo-name
with the name you assigned in step 1.Create the Kubernetes namespace:
kubectl create namespace your-repo-name
Add the database password secret and the crypto master secret generated in step 2:
kubectl create secret -n your-repo-name generic digicert-ca-secrets \ --from-literal=databasePassword=<your databasePassword> \ --from-literal=cryptoMasterSecret=<your cryptoMasterSecret>
Install the On-premises Private CA application:
helm upgrade --install ca your-repo-name/certificate-authority-standalone --values standalone-values.yaml --namespace your-repo-name
Installation complete! DigiCert® On-premises Private CA is ready at https://<your domain>/.