Page created: 24 Jul 2019
|
Page updated: 13 Nov 2019
Retire the previous certificate by removing it from the topology registry after it expires, as follows:
$ dsconfig -n set-server-instance-prop \
--instance-name <instance-name> \
--set "inter-server-certificate<chain.crt"
Existing encrypted backups and LDIF exports remain unaffected. Because the public key is the same in the previous and new server certificates, the private key can decrypt them.