Consul tls command should be able to renew
Feature Description
Currently the consul tls command only has create functionality for a server certificate. However, to avert having to distribute a new trust chain to all clients, it would be helpful if this also had a consul tls renew that took the current certificate and key, and generated a new certificate that its CA chain resolves to, to avoid a service disruption to clients.
Use Case(s)
Renewing a Consul TLS Server Certificate with minimal impact to registered nodes.
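The renewal described above, sketched with plain openssl as an added example (not Consul's code and not the proposed command): a server certificate is reissued from its existing key under the same CA, and the client's unchanged CA bundle is checked against it. The CA, the subject names and the assumption that the operator holds the CA key are all constructed for the illustration.

```shell
#!/bin/sh
# Added example: all names, subjects and lifetimes below are constructed.
# Returns 0 when the renewed certificate verifies against the unchanged CA,
# keeps the same public key, and carries a new serial number.
renew_check() {
  dir=$(mktemp -d) || return 1
  (
    cd "$dir" || exit 1
    # Constructed CA standing in for the one clients already trust.
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
      -subj "/CN=Example Agent CA" -keyout ca-key.pem -out ca.pem 2>/dev/null || exit 1
    # Current server key and a short-lived certificate nearing expiry.
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=server.dc1.example" \
      -keyout server-key.pem -out old.csr 2>/dev/null || exit 1
    openssl x509 -req -in old.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial \
      -days 1 -out server-old.pem 2>/dev/null || exit 1
    # Renewal: a fresh CSR from the SAME key, signed by the SAME CA.
    openssl req -new -key server-key.pem -subj "/CN=server.dc1.example" \
      -out renew.csr 2>/dev/null || exit 1
    openssl x509 -req -in renew.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial \
      -days 20 -out server-new.pem 2>/dev/null || exit 1
    # A client holding only ca.pem needs no new trust material.
    openssl verify -CAfile ca.pem server-new.pem >/dev/null 2>&1 || exit 1
    # Same key pair, different certificate.
    old_pub=$(openssl x509 -in server-old.pem -noout -pubkey)
    new_pub=$(openssl x509 -in server-new.pem -noout -pubkey)
    [ "$old_pub" = "$new_pub" ] || exit 1
    old_sn=$(openssl x509 -in server-old.pem -noout -serial)
    new_sn=$(openssl x509 -in server-new.pem -noout -serial)
    [ "$old_sn" != "$new_sn" ] || exit 1
  )
  rc=$?
  rm -rf "$dir"
  return "$rc"
}

renew_check && echo "renewed certificate verifies against the unchanged CA"
```

Reusing the key keeps the example close to the request; generating a new key at renewal works the same way for clients, since they validate against the CA rather than the server key.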
Hi @reskin89, we have a similar issue to alert about TLS expiry in the UI, https://github.com/hashicorp/consul/issues/19358, and the PR for that, https://github.com/hashicorp/consul/pull/19427.
It's a good suggestion to have a renew command as well; looking into this.