In our deployment, we want to connect to RLP to stream logs, so the certs are needed. While RLP does not expose its certs, how to get them from another deployment?

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/163286255

The labels on this github issue will be updated when the story is started.

To connect to the RLP, you'll need to generate certs that use the loggregator_ca and have the cn rlp-gateway. Example:

https://github.com/cloudfoundry/cf-deployment/blob/a97f26ee7108f179873574b5648c1cbe8cb7b176/cf-deployment.yml#L1984-L1990

Also, consider consuming from the RLP-Gateway. It's a component that allows you to consume the v2 api without needing certs, similar to the firehose.

https://github.com/cloudfoundry/loggregator/blob/925b09a107d4d11286e0b84d5f2f090b30f6a397/docs/rlp_gateway.md

@qibobo please let us know if you need anything else and feel free to reopen the issue. I am going to close this for now, since Travis gave you some correct answers