CA Certificate requirements for microservice running Azure Redhat Openshift

Question

Dear Team,

Hope you are doing well. We need your advice on an application we are planning to run as microservice on Azure redhat openshift. This will be a public facing application and it will be front end by a API gateway and palo alto Firewall.

Can you guide on below points please?

What kind of certificate we need to use to make the application publicly accessible?

Where we need to install the certificate plz?

Answer 1

Hi,

In this instance can you review the Openshift documentation and see if it helps in this situation - https://learn.microsoft.com/en-GB/azure/openshift/

Also the Microservices architecture documentation to decide on the design aspects of your solution as frontend API and PA is involved - https://azure.microsoft.com/en-gb/solutions/microservice-applications

Also review this SO thread and infor on the Certificate, usually it is TLS secure Cert from the third party but exposing internal microservice is risky so please analsyse all the options - https://security.stackexchange.com/questions/175627/securing-internal-micro-services-letsencrypt-vs-self-signed-certificates-be

Hope this helps.

JS

==

Please accept as answer and do a Thumbs-up to upvote this response if you are satisfied with the community help. Your upvote will be beneficial for the community users facing similar issues.

Answer 2

Thanks Jimmy.

The answer is helpful for some part of it (microservices to use self-signed cert)

We will be deploying palo alto for public facing internet and ARO will be internal. Can you advice how the encryption and decryption will work between palo alto and aro