Hi Team,
My ignition SSL certificate is going to expire by next month.
i want to know what all the steps that needs to be followed once the new certificate is generated. How to generate the new certificate?
Do i need to upload again in gateway? if yes where i need to upload.
Also when i am changing the new certificates will it affect the data flow? we are using MQTT & in-built drivers for data transmission.
Does it require any restart of ignition server?
since i am doing this for first time i need some guidance.
Assuming HTTPS cert, here’s a good starting point:
A new HTTPS cert can be updated live, with no impact to production. You do not need to wait until the old cert expires. As soon as you have a new one (either purchased from a Certificate Authority, or a self-signed), you can import it.
Before I steer you in the wrong direction, it might be best to clearly identify which certificates are expiring.
There are different certificates used throughout Ignition for different purposes. I started typing them out and linking to each, then found a page that Inductive already compiled: Security Certificates
Regarding Web Server SSL only, both of your gateways will host their own web server and will therefore need certs to be updated in each server manually - should have no impact to external devices using that connection - all as @aryavani.m mentioned above. This is one of the few things that does not sync between redundant gateways.