Revoke the old certificate instead of deleting it
Signed-off-by: Michal Konečný <mkonecny@redhat.com>
This commit is contained in:
Michal Konečný
parent
db2d87e59c
commit
026b1c9036
1 changed files with 2 additions and 5 deletions
|
|
@ -47,14 +47,11 @@ Source: https://pagure.io/fedora-infrastructure/issue/8638
|
|||
|
||||
# Regenerating TLS certificates
|
||||
|
||||
* First remove old files
|
||||
* First revoke old certificate
|
||||
|
||||
In the staging subdir run
|
||||
```
|
||||
rm -f pki/reqs/<service_name>.stg.req
|
||||
rm -f pki/private/<service_name>.stg.key
|
||||
rm -f pki/issued/<service_name>.stg.crt
|
||||
rm -f pki/certs_by_serial/<serial_number_of_cert>.pem
|
||||
/usr/share/easy-rsa/3/easyrsa revoke <service-name>
|
||||
```
|
||||
|
||||
Same for production, but without `.stg` in name and the commands need to be run from production subdir
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue