Customize TLS certificates by supplying your own identity file along with its password.
All hosts in the host_list parameter must be running. To alter the TLS certificate when there are hosts that are not running, ensure that the host_list parameter excludes those hosts.
Hosts that are excluded from the host_list parameter do not receive the new certificates and are no longer able to communicate with the cloud. Manually replace the certificates for any hosts that are excluded from the host _list parameter.
This identity file can be replaced and deployed to the other hosts in the cloud by running the AlterCloudIdentity task.
You must replace TLS certificates before they expire.
After all cloud servers have been restarted, the new identity file becomes the only valid identity file.
The TLS certificate is customized with the new identity file and password.