Renewing end-entity certificates
Renew an API Connect end-entity certificate.
About this task
To renew an end-entity certificate, delete the secret that corresponds to the certificate. Cert-manager detects the deletion of the secret and re-creates it with a new x509 certificate.
For more information about API Connect certificates, see API Connect TLS certificates.
- Get a list of all certificates in your API Connect namespace:
kubectl -n <namespace> get certificatesThe output lists all certificates with their status, age, and the name of the corresponding secret. In this example, the certificate that is used by the API Manager UI is shown:
By default the secret names are identical to the certificate names.
NAME READY SECRET AGE ... apim-endpoint True apim-endpoint 13d ...
- Delete the secret for the certificate that you want to renew:
kubectl -n <namespace> delete secret <secret name>Cert-manager detects the deletion of the secret and creates a new secret with a newly generated x509 certificate.