Exporting the operator root CA key and importing it into an external service

After you import the certificate of the external service into the trust list, if the external service needs to access your component, you must extract the operator root CA key and import it to the truststore of the external service.

Procedure

Extract the operator root CA key and import it to the truststore of the external service.

If you are using the default value of icp4a-root-ca for the operator root CA, use the following command to find the root CA key:

oc get secret icp4a-root-ca -o template --template='{{ index .data "tls.crt" }}' | base64 --decode > rootCA.crt

If you don't know the root CA key for your component, look in the shared_configuration.root_ca_secret in the custom resource file.