...
The keystore and truststore can be configured in Kubernetes. In the source code repository, the default files are located. Updating this in a running cluster can be done in more than one way, but this is probably the simplest.
First you need to create a directory with three files.
config/
application.yaml
keystore.jks
truststore.jks
The default application.yaml can be taken from the source code repository or by using command "kubectl describe configmap policymanagementservice-configmap -n nonrtric"
Then you need to create the keystore.jks and (if used, this is not used by default) a truststore.jks .
There is a README file in the source code repository that describes how the default keystore and truststore are created. This involves creating a CA cert used for signing.
If you are happy with just a self signed cert, it can be created using the keytool command. Example:
>keytool -genkeypair -alias policy_agent -keyalg RSA -keysize 2048 -keystore keystore.jks -validity 3650 -storepass <key store password>
The following parameters in the application.yaml needs to updated (the non relevant parameters for this are omitted):
...
...