03 Sep 2019
01:41 AM
- last edited on
28 Sep 2022
03:08 AM
by
MaciejNeumann
Hi all.
We have a doubt. We are seeing that the SSL certificate of the cluster hosts expire in a few days.
What does it affect if it expires?
Can monitoring data be lost?
Or Is it renewed automatically?
Is there anything we should keep in mind before the expiration date?
Thanks in advance.
Jose A
Solved! Go to Solution.
Certificate should be automatically renewed. I'll check the details and update you on that.
If a certificate expired you will see the warning in the browser when accessing UI. Monitoring should not be affected.
Thanks you Radoslaw.
Can you confirm the automatic renewal?
Is there any way to renew it manually before it expires? and thus avoid problems...
Regards
Dynatrace by default uses certificates from Letsencrypt, unless you are using your own certs. They are normally valid for 3 months. I think the renewal process starts about a week before the expiration.
You don't need to worry about that. Unless you lose the connectivity to mission control, the certificates will be renewed automatically.
It expires on October 26th - which is in 1.5 month ahead. Certificate will be refreshed 14 days before an expiration time.
Ah and there's no way to refresh that manually.
Actually there is 🙂 You need to disable and then re-enable the certificate management. New certificates will be generated. However, this may result in broken communication (for UI clients) during the time the certificate management is disabled (selfsign certificate will be used as far as I remember unless you specify your own one).
So this is definitely not a recommended way to do refresh certificates.
Last time I've tried this the certs were regenerated. But it could be a coincidence anyway.