Conjur default certificate

Just installed Conjur OSS on Docker in a CentOS machine using the quick-start guide. The default instalallation uses https for the conjur org. Does the default installation should create a pem file under the root drectory in the cllient container? Im rtying to use ansible lookup plugin but cant find the certificate.
Is there any way to generate the certificate manually?
Thank you!

Yes the certificate can be generated manually using the following command:
openssl s_client --showcerts --connect $CONJUR_HOSTNAME:443 < /dev/null 2> /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'

Where $CONJUR_HOSTNAME is the hostname you used when installing the conjur server.

Also the certificate can be found on the CLI container after you perform the conjur init command.
It should located ~/conjur-<accountName>.pem


1 Like

Thank you Andrew for the reply.
Are there any reasons why the certificate was not created? i dont have it under ~/conjur-<accountName>.pem and i just executed the command but i dont get any results…

Thanks again

Make sure you are in the conjur-cli container and execute conjur init.

Once you have done this the certificate should be generated.

I would also make sure that that conjur is using HTTPS, I have seen conjur use HTTP with other users.


This topic was automatically closed 60 minutes after the last reply. New replies are no longer allowed.

Hello @kbrandes, we would love to get your feedback on the quick start steps, especially if you have any enhancements.