I am running elasticsearch version 8.12.0. I renewed http.p12 to year 2036. However, http_ca.crt will expired soon. Am I need to renew it too? If yes, how to renew the http_ca.crt. Or I need to create another CA.crt? Thanks!
When CA expires, that means all issued certificates are not valid any more. Steps are the same as you creating CA from 0, create CA, issue certificates etc.
that is I cannot renew the http_ca.crt. I have to create a new ca myself right?
Check this article.
Big thx. I already renew the http.p12 by using the original CA, http_ca.crt. However, i notice the http_ca.crt will expired soon. So a better solution is to renew the http_ca.crt and then the http.p12. So I would like to know is there any way to renew the http_ca.crt. Or I need to generate a new CA myself and followed by new http.p12