OLVM: How to Renew SSL Certificates that are Expired or Nearing Expiration
(Doc ID 3006292.1)
Last updated on SEPTEMBER 29, 2024
Applies to:
Linux OS - Version Oracle Linux 7.6 with Unbreakable Enterprise Kernel [4.14.35] and laterLinux x86-64
OLVM 4.3, 4.4 and 4.5
Goal
The purpose of this document is to list the procedures to renew SSL certificates related to OLVM Engine and KVM hosts.
It has four sections as outlined below.
- Renewal of SSL certificates that are nearing expiration
- Renewal of SSL certificates that are already expired
- Renewal of SSL certificates when hosted engine VM is not accessible
- FAQs
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Goal |
Solution |
1. Renewal of SSL certificates that are nearing expiration: |
Renew OLVM Engine certificates (nearing expiration): |
Renew KVM host certificates (nearing expiration): |
2. Renewal of SSL certificates that are already expired: |
Renew OLVM Engine certificates (expired): |
Renew KVM host certificates (expired): |
3. Renewal of SSL certificates when hosted engine VM is not accessible: |
4. FAQs |
Cert validity (Engine and KVM host) and warning/alert intervals: |
What is the best practice for certificate renewal ? |
Will the engine certificates automatically renew when nearing expiration ? |
What are the features affected when Engine side certificates expire? |
Will the KVM host certificates automatically renew when nearing expiration ? |
Is it possible to manually renew KVM host's certificates that are nearing expiration without downtime ? |
What are the features affected when KVM host's certificates expire? |
Is it mandatory to Enroll KVM host's certificates through UI even after a successful regeneration of them manually ? |
Will the cert validity automatically extend from 398D to 5Y after an upgrade from 4.4 to 4.5 ? |
Is there a procedure to verify the expiry of all the OLVM certificates ? |
References |