Home Forums CA Single Sign-On What is the best procedure for renewal of certificate? Reply To: What is the best procedure for renewal of certificate?

#630

ujwols
Keymaster

Hi Dhilip,

If we are talking about best/recommended approach for certificate renewal, then it is:

1. Deactivate partnership.
2. Import new certificate with new alias.
3. Update partnership to use new certificate.
4. Activate partnership.

The only downside of this approach is there will be downtime during this process.

The procedure mentioned in the thread you reffered to may give uncertain result.

Having said that this is now lot easier to maintain with 12.8 onwards as it now provides option to have 2 certs, one primary and other backup. So even if the primary cert expires the partnership will fallback to use secondary cert.