security key-manager certificate update

Update key manager SSL certificates

Availability: This command is available to cluster administrators at the admin privilege level.

Description

This command updates an SSL/TLS certificate in-place without requiring the original SSL/TLS certificate to be deleted. This command is not supported when onboard key management is enabled.

Parameters

-type {client|server} - SSL Certificate Type
This parameter is either "client" or "server". If "client", the internal client certificate is replaced. If "server", the internal server certificate is replaced.
[-address <IP Address>] - Key Manager IP Address
This parameter updates the key manager server certificate for a particular key management server at the given IP address.

Examples

The following example is for updating a server certificate.
 
cluster1::> security key-manager certificate update -type server -address 10.232.186.8

Node: cluster1
Key manager 10.232.186.8  certificate-authority certificate will be updated.
Update successful.


Node: cluster2
Key manager 10.232.186.8  certificate-authority certificate will be updated.
Update successful.
The following example is for updating a client certificate.
 
cluster1::> security key-manager certificate update -type client

Node: cluster1
The system client certificate registered with key manager will be updated.
Update successful.


Node: cluster2
The system client certificate registered with key manager will be updated.
Update successful.