Click here to view and discuss this page in DocCommentXchange. In the future, you will be sent there automatically.

SAP Sybase SQL Anywhere, on-demand edition 1.0 Support Package 3 » SAP Sybase SQL Anywhere, on-demand edition 1.0 » Security considerations

 

Altering TLS certificates

Customize TLS certificates by supplying your own identity file along with its password. This identity file can be replaced and deployed to the other hosts in the cloud by running the AlterCloudIdentity task.

Prerequisites

All hosts in the host_list parameter must be running. To alter the TLS certificate when there are hosts that are not running, ensure that the host_list parameter excludes those hosts.

Hosts that are excluded from the host_list parameter do not receive the new certificates and are no longer able to communicate with the cloud. Manually replace the certificates for any hosts that are excluded from the host _list parameter.

Context and remarks

You must replace TLS certificates before they expire.

 Task
  1. On the Events panel, click Run new task.

  2. Click the AlterCloudIdentity task, click Next, and then follow the instructions.

  3. After deploying the new identity file, restart each cloud server so that each cloud server uses the new identity file.

    After all cloud servers have been restarted, the new identity file becomes the only valid identity file.

Results

The TLS certificate is customized with the new identity file and password.

Next

Until all cloud servers are restarted, both the old and new identity files are accepted.

Once all cloud servers are restarted, the CleanCloudTrustedCertificate task is automatically run, removing previous trusted certificates so that only the current identity file is accepted.

 See also