Current ELK cluster version: v7.3
I'm currently using a self-signed cert generated using the elasticsearch-certutil tool. By default, the CA and Certificate expire in 3 years. I plan to use the self-signed certs in Prod.
What can I expect to happen when the CA and/or cert expires? Will my cluster fail? Is it necessary to generate and deploy new certs?
By the way, as a test, I generated a new cert using the original CA cert. I set the expire date for 1 day. I deployed it my transport layer for my existing cluster. After 3 days, the cluster still runs fine. Note: The CA file doesn't expire until 2022.
Thanks In Advance.
Additional note: I'm posting this question as a follow up to my previous question at Problem attempting to migrate from self-signed SSL cert to a CA issued SSL cert