mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-07 00:48:01 +01:00
48 lines
1.2 KiB
Plaintext
48 lines
1.2 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * virt/node_maintenance/virt-refresh-certificates.adoc
|
|
|
|
[id="virt-refreshing-certificates_{context}"]
|
|
= Refreshing TLS certificates
|
|
|
|
To refresh the TLS certificates for {VirtProductName}, download and run the `rotate-certs` script. This script is available from the `kubevirt/hyperconverged-cluster-operator` repository on GitHub.
|
|
|
|
[IMPORTANT]
|
|
====
|
|
When refreshing the certificates, the following operations are impacted:
|
|
|
|
* Migrations are canceled
|
|
* Image uploads are canceled
|
|
* VNC and console connections are closed
|
|
====
|
|
|
|
.Prerequisites
|
|
|
|
* Ensure that you are logged in to the cluster as a user with `cluster-admin` privileges.
|
|
The script uses your active session to the cluster to refresh certificates in the `openshift-cnv` namespace.
|
|
|
|
.Procedure
|
|
|
|
. Download the `rotate-certs.sh` script from GitHub:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ curl -O https://raw.githubusercontent.com/kubevirt/hyperconverged-cluster-operator/master/tools/rotate-certs.sh
|
|
----
|
|
|
|
. Ensure the script is executable:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ chmod +x rotate-certs.sh
|
|
----
|
|
|
|
. Run the script:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ ./rotate-certs.sh -n openshift-cnv
|
|
----
|
|
|
|
The TLS certificates are refreshed and valid for one year.
|