Manually renew client certificate

Between the duration of 90 days and 60 days of the client's certificate expiry, the client logs the Client certificate will expire in <number> Days notification message every day. In-between the duration of 60-0 days, if the Certificate Auto Renewal toggle is turned on, the client certificate will be auto-renewed. Else, the client will log the notification message everyday and can manually renew the certificate as described below.

For Kubernetes deployment with Helm

1. In the values.yaml file, under configuration, update the value of servercrt and serverkey with the ones received from the CipherTrust Manager.

2. Update your CRDP deployment using the following command.

           helm upgrade <helm chart name> <path of helm chart>
   

For Kubernetes deployment without Helm

1. In your deployment file, in the data section of kind:Secret, update the value of server.crt and server.key with the ones received form the CipherTrust Manager.

2. Update your CRDP deployment using the following command.

           kubectl replace -f <deployment_filename>
   

For Standalone deployment

1. Stop the existing container.

2. Re-run the CRDP in container environment, as shown below:

           docker run -e KEY_MANAGER_HOST=<IP address or host name> -e REGISTRATION_TOKEN=<registration token> -p <host port>:<CRDP_port> -e SERVER_MODE=tls-cert-opt -e CERT_VALUE="<certificate>" -e KEY_VALUE="<key value>" <crdp image name>
   

As soon as the CRDP container comes up, it will get the new certificate and configurations from the CipherTrust Manager.