Skip to main content

Frends Agent HTTP/API Endpoint SSL Certificates

Configuring Frends Agent HTTP/API Endpoint SSL Certificates for Kubernetes

T
Written by Tikriti Shabudin
Updated over a week ago

To use an SSL certificate to secure an Agent API/HTTP Endpoints you need to add a "Default external address for new agents" and modify the Agent configuration before deployment.

Add a Default external address for new agents:

Under the target Agent Group enter the external address into the Default External Address e.g. https://myagentfqdn.frendsapp.com and save changes.

The next time you deploy an Agent to this Agent Group this will be used as the External address.

Download and extract the Agent Kubernetes Configuration from the Frends Control Panel

Edit /secrets/appsettings.secrets.json and add your certificates thumbprint to "certificateThumbprintOrPath": ""


Copy your PFX certificate file into the /secrets directory.

Now edit FRENDS-Agent-Deploy.yaml

In the containers: section. At the same level as image

      containers:
- name: frends-agent
image: frendsplatform/frends-agent-linux:5.5.2.557

Add the following two lines

command: ["/bin/bash","-c"]
args: ["dotnet /CertTool/GSoft.CertificateTool.dll add -f /secrets/<PFX FileName> --password <PFX Password> --store-name My && dotnet Frends.Agent.dll"]

Replace the following values with your certificate details

<PFX FileName>

<PFX Password>

<certificateThumbprintOrPath>

It should look something like this

These two line override the default Agent start-up and run a tool to import the PFX certificate before starting the Agent.

The final step is to add the certificate filename to the frends-agent-secret secret

In the volumes: section. At the same level as - key: appsettings.secrets.json

      volumes:
- name: secrets-storage
secret:
secretName: frends-agent-secrets
items:
- key: appsettings.secrets.json
path: appsettings.secrets.json

Add the following two lines

- key: <PFX FileName> 
path: <PFX FileName>

Replace <PFX FileName> with the filename of your PFX file

It should now look something like this

Did this answer your question?