Update key manager SSL certificates
Availability: This command is available to cluster administrators at the admin privilege level.
Description
This command updates an SSL/TLS certificate in-place without requiring the original SSL/TLS certificate to be deleted. This command is not supported when onboard key management is enabled.
Parameters
- -type {client|server} - SSL Certificate Type
- This parameter is either "client" or "server". If "client", the internal client certificate is replaced. If "server", the internal server certificate is replaced.
- [-address <IP Address>] - Key Manager IP Address
- This parameter updates the key manager server certificate for a particular key management server at the given IP address.
Examples
The following example is for updating a server certificate.
cluster1::> security key-manager certificate update -type server -address 10.232.186.8
Node: cluster1
Key manager 10.232.186.8 certificate-authority certificate will be updated.
Update successful.
Node: cluster2
Key manager 10.232.186.8 certificate-authority certificate will be updated.
Update successful.
The following example is for updating a client certificate.
cluster1::> security key-manager certificate update -type client
Node: cluster1
The system client certificate registered with key manager will be updated.
Update successful.
Node: cluster2
The system client certificate registered with key manager will be updated.
Update successful.