What actions to be taken at storage end when certificate gets renewed at server end ?
Applies to
- IBM Cloud Object Storage
- FAS
- SSL certificate
Answer
Need to disable the certificate validation on the storage end and then proceed with the renewal of certificates on the server end, so that when communication is taking place, no certificate validation happens at the storage end and no impact.
::*> storage aggregate object-store config modify -object-store-name my-store -port 443 -is-certificate-validation-enabled false
Additional Information
Once the renewal of certificates is done on the server side, you can perform the following checks and if all looks fine, then enable the certificate validation.
::*> storage aggregate object-store show
::*> storage aggregate object-store profiler start -node <node_name>
::*> storage aggregate object-store profiler show
::*> storage aggregate object-store config modify -object-store-name my-store -port 443 -is-certificate-validation-enabled true