閱讀及檢閱 Automation Anywhere 文件

Automation 360

關閉內容

內容

開啟內容

Renew and replace certificates and keys

  • 已更新:2022/09/21
    • Automation 360 v.x
    • 組建
    • FortressIQ

Renew and replace certificates and keys

In the customer-managed certificates deployment model (unlike in the PEG-managed certificates deployment model), certificates and keys that are about to expire are not renewed and replaced automatically, so you need to perform these tasks manually.

Prerequisites

When your certificates are about to expire, you must perform the following tasks:
  1. Create a new certificate.
  2. Upload the new certificate.
Create a new certificate and key. Ensure that PEG creates the new certificate signing request.

If you want PEG to generate the new certificates and keys, perform the following steps:

Procedure

  1. Run cd peg && ./peg_start.sh.
  2. Select Cluster Management.
    select cluster management

  3. Select Generate Certificate Requests.
    select generate certificate requests

  4. Fill out the options that follow.
  5. Exit the menu.
  6. The csrs are located in ~/peg/csr.
  7. Create certificates. For more information, see Create certificates.

Upload the new certificates

Upload the new PEG certificates.

Procedure

  1. Copy the PEG certificates that you created to the /peg_v/certs/ directory.
    Ensure that they are named according to the certificate file names in Table 1.
  2. If you also created your own keys, then copy the PEG keys that you created to the /peg_v/keys/ directory. Ensure that the keys are not password-protected. Also, ensure that they are named according to the certificate file names in Table 1.
    If you did not create your own keys, then the PEG-generated keys are included by PEG.
  3. Run ~/peg/scripts/validatecerts.sh.
    To confirm that the certificates are valid, continue only if the script displays the following: All checks passed!
  4. Run the following command on PEG so it loads the latest certificates:
    kubectl rollout restart deployment.apps/traefik -n kube-system
傳送意見反饋