Regenerating system SSL self-signed certificates

Last Updated : Feb 06, 2025 |

About this task

This procedure is only required if the IP address or FQDN/Hostname in KVM on RHEL 8.10 has been changed or modified. System SSL self-signed certificates auto-renew and have a default expiry of 390 days.

Note:

Custom CA signed SSL certificates or user generated SSL certificates take precedence over system generated SSL certificates. If either of these certificates have been previously implemented on the system, regenerating system default certificates is not required. Instead proceed to the User generated or Custom CA certificates section.

Procedure

Log in to the first KVM on RHEL 8.10 host by using a Secure Shell (SSH) client i.e. Putty (not provided by Avaya).
Authenticate using the existing custadm credentials.

Execute the following commands:

cd /etc/cockpit/ws-certs.d/
ls -lrt
####Ensure there are only system generated certificates otherwise STOP####

Example:

sudo rm 0-* -f
######[Enter password for custadm] #####
sudo systemctl daemon-reload
sudo systemctl restart cockpit
ls -lrt

Example:

Note:

3 new files starting with ‘0-self-signed’ will get auto-generated. Files should have current system date.

Send Feedback

AVAYA DOCUMENTATION CENTER

No results found

AVAYA DOCUMENTATION CENTER

No results found

Installing the Avaya Solutions Platform 130 Series

Regenerating system SSL self-signed certificates

About this task

Procedure