Renew certificates for Secure SD-WAN Manager components and Engines when certificate authorities expire
If a certificate authority is about to expire, the components that use certificates signed by the certificate authority require new certificates that are signed by a valid certificate authority.
Messages in the Management Client about expiring certificate authorities indicate that a certificate authority is about to expire, a new certificate authority has been automatically created, or a certificate authority has expired.
You might need to renew certificates for Secure SD-WAN Manager components and Engines in the following cases:
- The certificate authority that signed the certificate of a component is about to expire.
- A certificate authority has been automatically renewed, and a new certificate must be generated for the component.
- Components refuse connection attempts with each other.
- Automatic certificate renewal for Engines fails.
For more details about the product and how to configure features, click Help or press F1.
Steps
- Recertify the Secure SD-WAN Manager servers.
- To use the new certificate on Engines after automatic certificate renewal, refresh the policy.
- If the automatic certificate renewal for Engines fails, renew the Engine certificates manually.