Hide Forgot
Description of problem: 4.1.2. Deploying the SSO Application Template, the same secrete seems to be used for JGroups and Web SSL traffic. JGROUPS_ENCRYPT_SECRET and SSO_TRUSTSTORE_SECRET (in the tables) use the same name for the secrete value ( sso-app-secret ). This seems to be done for example purposes. > However I would suggest adding a note in: > https://access.redhat.com/documentation/en/red-hat-xpaas/version-0/red-hat-xpaas-sso-image/#preparing_sso_authentication_for_openshift_deployment > that explains that the CA/[Key|Trust]Store process may need to be repeated, or duplicated for web traffic. In addition to this the JGROUPS_ENCRYPT_KEYSTORE and SSO_TRUSTSTORE use different values. > Is this on purpose? are these the names of the "file locations" in the pods where the secretes are stored, so that the SSO components (JGroups / Underdow) can reference them?
I've updated the secrets commands, and use two secrets (one each for jgroups, and for the keystore and trustore) as standard instead of one. This is now consistent through get_started and tutorials. Also the tutorials now create EAP keystores for the EAP applications rather than using the same SSO ones, as this seems like good practice even for an example. Eric, to answer your last point: yes. those values are the keystore/truststore file names for reference within the secret.
These updates can be viewed at the following: https://access.redhat.com/documentation/en-us/red_hat_jboss_middleware_for_openshift/3/html/red_hat_jboss_sso_for_openshift/get_started#generating_secrets https://access.redhat.com/documentation/en-us/red_hat_jboss_middleware_for_openshift/3/html/red_hat_jboss_sso_for_openshift/tutorials#Example-Deploying-SSO https://access.redhat.com/documentation/en-us/red_hat_jboss_middleware_for_openshift/3/html/red_hat_jboss_sso_for_openshift/tutorials#Example-EAP-Auto