CA Certificate requirements for microservice running Azure Redhat Openshift

N-Open 160 Reputation points
2023-12-02T17:05:44.02+00:00

Dear Team,

Hope you are doing well. We need your advice on an application we are planning to run as microservice on Azure redhat openshift. This will be a public facing application and it will be front end by a API gateway and palo alto Firewall.

Can you guide on below points please?

What kind of certificate we need to use to make the application publicly accessible?

Where we need to install the certificate plz?

Azure Red Hat OpenShift
Azure Red Hat OpenShift
An Azure service that provides a flexible, self-service deployment of fully managed OpenShift clusters.
83 questions
0 comments No comments
{count} votes

Accepted answer
  1. JimmySalian-2011 42,066 Reputation points
    2023-12-02T18:37:00.8033333+00:00

    Hi,

    In this instance can you review the Openshift documentation and see if it helps in this situation - https://learn.microsoft.com/en-GB/azure/openshift/

    Also the Microservices architecture documentation to decide on the design aspects of your solution as frontend API and PA is involved - https://azure.microsoft.com/en-gb/solutions/microservice-applications

    Also review this SO thread and infor on the Certificate, usually it is TLS secure Cert from the third party but exposing internal microservice is risky so please analsyse all the options - https://security.stackexchange.com/questions/175627/securing-internal-micro-services-letsencrypt-vs-self-signed-certificates-be

    Hope this helps.

    JS

    ==

    Please accept as answer and do a Thumbs-up to upvote this response if you are satisfied with the community help. Your upvote will be beneficial for the community users facing similar issues.

    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. N-Open 160 Reputation points
    2023-12-03T07:13:53.0133333+00:00

    Thanks Jimmy.

    The answer is helpful for some part of it (microservices to use self-signed cert)

    We will be deploying palo alto for public facing internet and ARO will be internal. Can you advice how the encryption and decryption will work between palo alto and aro

    0 comments No comments