OpenShift: Create Edge Secured Route

If you run a webserver, chances are that you will need a secure edge terminated route with TLS termination occurring on the router before traffic is proxied to the destination.

Create Edge Secured Route

The secure edge terminated route requires a certificate and a key. The TLS certificate is served by the router front end. We want to create a secured route for our PHP application.

Generate a private key:

$ openssl genrsa -out php.key 2048

Generate a CSR:

$ openssl req -new -key php.key -out php.csr  \
  -subj "/C=GB/ST=London/L=London/O=IT/OU=IT/CN=www.example.com"

Generate a self-signed certificate:

$ openssl x509 -req -days 366 -in php.csr  \
      -signkey php.key -out php.crt

Get the name of the service that the route will be created for:

$ oc get svc

Create a route using the certificate and the key:

$ oc create route edge \
  --service=php-service \
  --hostname=www.example.com \
  --key=php.key \
  --cert=php.crt \
  --insecure-policy=Redirect

Leave a Reply

Your email address will not be published. Required fields are marked *