Commit 3d43ffb
Salvatore Nitopi
CMK-25340 - 18988 Automatic certificate rotation for "Authority Key Identifier" compliance
With the release of Checkmk 2.5, we have introduced an automatic update that seamlessly rotates the site certificate.
The update action checks whether the existing site certificate has the "Authority Key Identifier" property (that was introduced with Werk 18990).
If the property is missing, the script automatically rotates (regenerates) the certificate. This ensures that, after the update, all certificates are compliant with the new standard.
No user action is required during the update process.
If a certificate already has the AKI property, no changes are made.
Additionally, the underlying certificate creation libraries have been updated. Any certificate manually created or rotated in the future (e.g., via the cmk-cert tool) will include the Authority Key Identifier by default.
Change-Id: I84efeef694963ae0ec702b50aab7e5e738a8973d1 parent 74abd8c commit 3d43ffb
1 file changed
+22
-0
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
| 7 | + | |
| 8 | + | |
| 9 | + | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
| 17 | + | |
| 18 | + | |
| 19 | + | |
| 20 | + | |
| 21 | + | |
| 22 | + | |
0 commit comments