-
Notifications
You must be signed in to change notification settings - Fork 68
/
_uaa-admin-login.html.md.erb
35 lines (24 loc) · 1.89 KB
/
_uaa-admin-login.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
Before creating TKGI users, you must log in to the UAA server as a UAA admin. To log in to the UAA server, do the following:
1. Retrieve the UAA management admin client secret:
1. In a web browser, navigate to the Ops Manager **Installation Dashboard** and click the **Tanzu Kubernetes Grid Integrated Edition** tile.
1. Click the **Credentials** tab.
1. Click **Link to Credential** next to **Pks Uaa Management Admin Client** and copy the value of<br> `secret`.
1. Target your UAA server by running the following command:
```
uaac target https://TKGI-API:8443 --ca-cert CERTIFICATE-PATH
```
Where:
* `TKGI-API` is the domain name of your TKGI API server. You entered this domain name in the **Tanzu Kubernetes Grid Integrated Edition** tile > **TKGI API** > **API Hostname (FQDN)**.
* `CERTIFICATE-PATH` is the path to your Ops Manager root CA certificate. Provide this certificate to validate the TKGI API certificate with SSL.
* If you are logged in to the Ops Manager VM, specify `/var/tempest/workspaces/default/root_ca_certificate` as the path. This is the default location of the root certificate on the Ops Manager VM.
* If you downloaded the Ops Manager root CA certificate to your machine, specify the path where you stored the certificate.
For example:
```console
$ uaac target api.tkgi.example.com:8443 --ca-cert /var/tempest/workspaces/default/root_ca_certificate
```
<p class="note"><strong>Note</strong>: If you receive an <code>Unknown key: Max-Age = 86400</code> warning message, you can ignore it because it has no impact.</p>
1. Authenticate with UAA by running the following command:
```
uaac token client get admin -s ADMIN-CLIENT-SECRET
```
Where `ADMIN-CLIENT-SECRET` is your UAA management admin client secret that you retrieved in a previous step. The client user name is `admin`.