Updating the Db2 SSL certificate after the Cloud Pak for Data self-signed certificate is updated

When the Cloud Pak for Data self-signed certificate is updated, the Db2 SSL certificate also must be updated.

About this task

In Cloud Pak for Data version 5.0.0

Procedure

  1. As default user db2uadm, disable the Wolverine high-availability monitoring process: 
    wvcli system disable
  2. Deactivate the database, stop Db2, and perform an ipclean process: 
    su - db2inst1 -c "db2 force application all && db2 deactivate db ${DBNAME} && db2stop force && rah 'ipclean -a'"
  3. Reconfigure the Db2 SSL certificate to pick up the changes to the Cloud Pak for Data certificate: 
    su - db2inst1 -s /bin/bash -c "source /db2u/scripts/include/db2_ssl_functions.sh && rotate_ssl_certs"
  4. Start Db2 and activate the database: 
    su - db2inst1 -c "db2start && db2 activate db ${DBNAME}"
  5. As default user db2uadm, re-enable Wolverine: 
    wvcli system enable