Automation Suite on OpenShift installation guide

Last updated Nov 13, 2025

Accessing Automation Suite

Enabling oc

Before running any oc commands, make sure you have downloaded and installed oc on your client machine. This allows you to run commands for retrieving passwords and configuration details for the cluster.

Managing certificates

Important:

The installation process generates self-signed certificates on your behalf. You should replace them with certificates signed by a trusted Certificate Authority (CA) as soon as installation completes.

For instructions, see Managing certificates.

If you try to access the cluster with a web browser, and the certificates are not from a trusted CA, then you will see a warning in the browser. You can rectify this by importing and trusting the cluster SSL certificate on the client computer running the browser.

To manage certificates, take the following steps:

To retrieve the current certificate, run the following command:
- On Linux:
  oc get secret -n istio-system istio-ingressgateway-certs -o jsonpath='{.data.ca\.crt}' | base64 --decode | openssl x509 -text -nooutoc get secret -n istio-system istio-ingressgateway-certs -o jsonpath='{.data.ca\.crt}' | base64 --decode | openssl x509 -text -noout
- On Windows (PowerShell):
```
(oc get secret -n istio-system istio-ingressgateway-certs -o jsonpath='{.data.ca\.crt}') | ForEach-Object { [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($_)) }(oc get secret -n istio-system istio-ingressgateway-certs -o jsonpath='{.data.ca\.crt}') | ForEach-Object { [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($_)) }
```
To update the certificates, see Managing certificates.

Accessing Automation Suite general interface

Note: You need to accept the self-signed certificate in the web browser to be able to access a cluster that is still configured with self-signed certificates.

The general-use Automation Suite user interface serves as a portal for both organization administrators and organization users. It is a common organization-level resource from where everyone can access all of your Automation Suite areas: administration pages, platform-level pages, product-specific pages, and user-specific pages.

To access Automation Suite, take the following steps:

Go to the following URL:

https://<FQDN>
Switch to the Default organization.
The username is orgadmin.
Retrieve the password using the following command:
```
oc get secret platform-service-secrets -n <uipath> -o jsonpath='{.data.identity\.hostAdminPassword}' | base64 -d  ; echooc get secret platform-service-secrets -n <uipath> -o jsonpath='{.data.identity\.hostAdminPassword}' | base64 -d  ; echo
```
Note:
Using the same command to retrieve the organization admin and the host admin passwords is by design.

This is because the two passwords are initially the same. If Change password on the first login is set to Required at the host level, the organization administrator must set a new password when they log in for the first time.

Accessing host administration

The host portal is for system administrators to configure the Automation Suite instance. The settings that you configure from this portal are inherited by all your organizations, and some can be overwritten at the organization level.

To access host administration, take the following steps:

Go to the following URL:

https://<FQDN>
Switch to the Host organization.
The username is admin.
Retrieve the password using the following command:
```
oc get secret platform-service-secrets -n <uipath> -o jsonpath='{.data.identity\.hostAdminPassword}' | base64 -d  ; echooc get secret platform-service-secrets -n <uipath> -o jsonpath='{.data.identity\.hostAdminPassword}' | base64 -d  ; echo
```
Note:
Using the same command to retrieve the organization admin and the host admin passwords is by design.

This is because the two passwords are initially the same. If Change password on the first login is set to Required at the host level, the organization administrator must set a new password when they log in for the first time.

Accessing service database connection strings

You can access the database connection strings for each service as follows:

oc -n <uipath> get secret aicenter-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret orchestrator-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret automation-hub-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret automation-ops-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret insights-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret platform-service-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret test-manager-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret ecs-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret ecs-vector-secrets -o jsonpath='{.data.sqlVectorConnectionString}' | base64 --decode
oc -n <uipath> get secret automationsolutions-sql-connectionstring-secret -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret llmgateway-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret llmobservability-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret integration-services-secrets -o jsonpath='{.data.odbcSQLConnectionString}' | base64 --decode
oc -n <uipath> get secret integration-services-secrets -o jsonpath='{.data.jdbcSQLConnectionString}' | base64 --decode
oc -n <uipath> get secret integration-services-secrets -o jsonpath='{.data.dotNetSQLConnectionString}' | base64 --decodeoc -n <uipath> get secret aicenter-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret orchestrator-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret automation-hub-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret automation-ops-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret insights-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret platform-service-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret test-manager-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret ecs-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret ecs-vector-secrets -o jsonpath='{.data.sqlVectorConnectionString}' | base64 --decode
oc -n <uipath> get secret automationsolutions-sql-connectionstring-secret -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret llmgateway-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret llmobservability-secrets -o jsonpath='{.data.sqlConnectionString}' | base64 --decode
oc -n <uipath> get secret integration-services-secrets -o jsonpath='{.data.odbcSQLConnectionString}' | base64 --decode
oc -n <uipath> get secret integration-services-secrets -o jsonpath='{.data.jdbcSQLConnectionString}' | base64 --decode
oc -n <uipath> get secret integration-services-secrets -o jsonpath='{.data.dotNetSQLConnectionString}' | base64 --decode

On this page

Enabling oc
Managing certificates
Accessing Automation Suite general interface
Accessing host administration
Accessing service database connection strings

Was this page helpful?

PREVIOUSDisaster recovery - Installing the secondary cluster

NEXTManaging the certificates

Support and Services

Get The Help You Need

UiPath Academy

Learning RPA - Automation Courses

UiPath Forum

UiPath Community Forum

Trust and Security

Cookies Policy