Renew an API Connect end-entity certificate.
About this task
To renew an end-entity certificate, delete the secret that corresponds to the certificate. Cert-manager detects the
deletion of the secret and re-creates it with a new x509 certificate.
For more information about API Connect certificates,
see API Connect TLS certificates.
Procedure
- Get a list of all certificates in your API Connect namespace:
kubectl -n <namespace> get certificates
The output lists all certificates with their status, age, and the name of the
corresponding secret. In this example, the certificate that is used by the
API
Manager UI is
shown:
NAME READY SECRET AGE
...
apim-endpoint True apim-endpoint 13d
...
By default the secret names are identical to the certificate
names.
- Delete the secret for the certificate that you want to renew:
kubectl -n <namespace> delete secret <secret name>
Cert-manager detects the
deletion of the secret and creates a new secret with a newly generated x509
certificate.