ICOS Certification Authority¶
Trust the ICOS CA Root Certificate¶
The ICOS CA issues all certificates used for HTTPS communications between ICOS services and between ICOS services and the users. ICOS services are automatically configured to trust certificates generated by the ICOS CA (trusting in this way all other ICOS services), but when a user connect to an ICOS service from her machine (e.g., use the ICOS Shell Client, visualize the Grafana dashboards from the browser) will need to trust the certificate provided by the ICOS service to which she is connecting.
1. Retrieve the ICOS CA Root Certificate
The ca-url can be retrieved from the ICOS Core installation configuration.
2. Trust the certificate
In general, this step highly depend on the OS and the program used to access the ICOS service. It is reccomended to search online for "install trusted root certificate for [Your Operating System>]" to get appropriate instructions.
For the ICOS Shell client, the certificate can be copied under the /etc/ssl/certs.