I have created an application with a route to it using OpenShift Origin. Now I want to make that route secure using TLS: I've already created routes with edge and passthrough. But now I want to create a route which is using Reencrypt.
Therefore I need to specify some certificates in my route:
I create my key and certificate in the following way:
# keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass supersecret -validity 360 -keysize 2048 -keystore /etc/origin/keys/s2i-key/privatekey.store
# keytool -importkeystore -srckeystore privatekey.store -destkeystore keystore.p12 -srcstoretype jks -deststoretype pkcs12
#####Take a look to the certificate and private key from this file
# openssl pkcs12 -in keystore.p12 -nodes -password pass:supersecret
It's very similar to edge termination. But there I don't have to describe a
Now is my problem that I don't really know what a destinationCACertificate is? Do I have to create it in the same way as I'm creating my normal key/certificate or do I have to read/create it somewhere else?