Update an HTTPS identity with a new Grid-signed certificate
At some point the existing HTTPS certificates will expire, or the keys have been compromised and must be changed. This function substitutes the existing HTTPS certificate for an HTTPS identity with a new Grid-signed HTTPS certificate. If a certificate signed by an external CA is used, instead submit a new certificate signing request (CSR) to that CA.
Note: The grid monitors the validity of grid-signed HTTPS certificates, and automatically renews them when they approach expiration. For externally signed certificates that approach expiration, a notification is issued.
- Start the Grid Management Pages and log on as a member of the grid-admin role.
- Click on Security in the top menu.
- Click on the Identities tab.
- Select the HTTPS identity to generate a new Grid-signed HTTPS certificate for.
- Click on the Update Certificate link.
- Click on Create Grid Signed Certificate.
- Fill in the information needed in the new certificate. The Host FQDN is required but the rest is optional depending on the deployment scenario. The Host FQDN and alternate names should be pre-filled with the values of the existing SSL certificate for the Identity. See Create a new HTTPS identity with a Grid-signed certificate (step 9) for more information about the alternate names.
- Select the expiration date of the certificate.
- Click on the Create button.