The Key factor signed certificate is not refreshed
search cancel

The Key factor signed certificate is not refreshed

book

Article ID: 424969

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

The new key factor signed certificate in Policy manager has been replaced but it is not refreshed and still showing the message the cert is expired. The refreshOnKeyChange parameter has been set in the environment.

Environment

API Gateway 11.1.X

Cause

The refreshOnKeyChange parameter is applicable to the listen ports to watch changes made to the private key. If you were to select a different private key on the listen port (from the dropdown menu), the change would be picked up without having to restart the gateway service. 

The parameter has nothing to do with replacing the certificate chain the default SSL key.

Resolution

When you replace a certificate chain, the gateway service must be restarted. 

Additional Information

REF: Manage Listen Ports
REF: Private Key Properties

Powered by Wolken Software