Installation document
How can you install Certificate Manager? Certificate Manager is delivered in a Docker container. So first you install docker-ce and containerd on your machine. Once you have done that, the easiest thing to do is create a directory. for example:
mkdir /opt/certificatemanager
Install docker RedHat based
First install the docker-ce repository and activate the repository
sudo dnf -y install dnf-plugins-core
sudo dnf config-manager --add-repo https://download.docker.com/linux/rhel/docker-ce.repo
To install the latest version execute te command below
sudo dnf install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
Now we need to start the docker engine and enable it on boot
systemctl enable docker;systemctl start docker
Docker Compose
Go into this directory and copy the yaml code below into the docker-compose.yml file.
services:
certificatemanager:
image: hostingbe/certificatemanager:latest
container_name: CertificateManager
restart: always
ports:
- 8080:80
depends_on:
db:
condition: service_healthy
environment:
- SECRET=JZXygyTFm6sbERxCn1adRSHwHjgLwbzL # secret store safely offline
- DB_HOST=db # hostname db server
- DB_NAME=certificatemanager # db name
- DB_USER=root # db user
- DB_PASSWORD=secret_password # password mysql database
- CM_URL=http://localhost:8080 # URL of certificatemanager
- VAULT_URI=https://your-vault-url:8200 # URL of vault
- VAULT_TOKEN=[vault token] # your vault app token
- VAULT_PATH=certificatemanager # root path vault to store data
db:
image: mariadb
restart: always
user: root
volumes:
- ./mysql:/var/lib/mysql
environment:
- MARIADB_ROOT_PASSWORD=secret_password
- MARIADB_DATABASE=certificatemanager
expose:
- 3306
healthcheck:
test:
[
"CMD",
"/usr/local/bin/healthcheck.sh",
"--su-mysql",
"--connect",
"--innodb_initialized",
]
interval: 10s
timeout: 5s
retries: 5
Through this docker-compose.yml file we use a mysql docker container for storage, but you can of course also use your own MySQL database server. Do not forget to enter the correct information such as hostname, username and password. Make sure that the docker container can access the MySQL database.
VAULT
To store the private keys and passwords, Certificate Manager uses a Hashicorp Vault, which you install yourself.