1- Generate CSR and private key (from a linux based vm or from https://certificatetools.com)
2- Put file .csr to the Certificate Authority and export in format "WebSHA256"
3- Convert the .CER certificate to .CRT using OpenSSL
openssl x509 -inform PEM -in cert.cer -out tls.crt
4- Log into Zerto VM using SSH and create a .bak of the old certificates:
cp /var/data/zerto/zappliance/ingress/certs/tls.key /var/data/zerto/zappliance/ingress/certs/tls.key.bak
cp /var/data/zerto/zappliance/ingress/certs/tls.crt /var/data/zerto/zappliance/ingress/certs/tls.crt.bak
5- Put the new certificate and key in the same path /var/data/zerto/zappliance/ingress/certs/ after renamed in:
tls.key
tls.crt
tls.key
tls.crt
6- Load the new certificate and key running the following commands:
kubectl delete secrets ingress-cert-secret
kubectl create secret tls ingress-cert-secret –key /var/data/zerto/zappliance/ingress/certs/tls.key –cert /var/data/zerto/zappliance/ingress/certs/tls.crt