My Oracle Support Banner

OLVM: How to renew OLVM Hosts Certificate in OLVM Environment/Infrastructure (Doc ID 2885203.1)

Last updated on JULY 26, 2022

Applies to:

Linux OS - Version Oracle Linux 7.9 with Unbreakable Enterprise Kernel [5.4.17] and later
Linux x86-64

Goal

To guide the user on how to renew Certificates in OLVM Environment/Infrastructure.

NOTE:
  • For third-party CA Certificate replacement, please follow this KM Document (Doc ID 2885170.1)
  • Do not let Certificates expire. If they expire, the KVM hosts and the OLVM Engine host will stop responding, and recovery is an error-prone and time-consuming process.
  • By default, OLVM Engine host Certificate follow 10 years lifetime, while the KVM hosts follow the 5 years lifetime and must be renewed before it expires. See sample output below:
  • For Best Practices, whenever there is an internal CA Root Certificates Update/Renewal on the OLVM's Apache Component, it is recommended to renew the Certificates of the OLVM Engine host and the KVM hosts even though the defaults last 10 and 5 years. This to avoid 'Out of Sync' issues.

OLVM Engine host:

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.