Certificate Requirements for a Kinetic Platform Installation

Learn about the certificates required for a successful Kinetic Platform installation.

Overview

This guide describes the certificates required for a Kinetic Platform installation. Failing to install these certificates will cause the installation process to fail.

Kinetic Platform Cluster Certificate Requirements

Two certificates are used for the Kinetic Platform cluster:

  • Wildcard TLS Certificate: The Kinetic Platform requires a DNS certificate that supports all subdomains to be used in your Kinetic Platform environment. The subdomains correspond to the Space slugs for all Spaces created in the Kinetic Platform environment. We prefer wildcard certificates as this allows us to support the dynamic creation of new spaces should they be needed throughout the application's life.
  • Kinetic Platform Cluster Management Dashboard TLS Certificate: While not required, we recommend providing a certificate to secure access to your installation portal when installing using the Kinetic embedded cluster. When a certificate is not provided, we install a self-signed certificate by default, which could violate your company's security policies.

Certificates for Dependencies

  • Cassandra Installation: You must configure SSL for external connection to your Cassandra cluster. A certificate facilitates this configuration.
  • SQL Database and Elasticsearch: We recommend configuring SSL for your database resource, but lower connections are also supported. Follow your company policy when securing your SQL and Elasticsearch resources.