Page 1 of 1
NCPA certificate replacement
Posted: Thu Apr 23, 2020 12:29 pm
by hbouma
I have a question about the NCPA certificate (usr/local/ncpa/var/ncpa.crt).
Does this certificate ever get updated during the update of the NCPA agent? If not, what is the recommended way to update this certificate?
Re: NCPA certificate replacement
Posted: Thu Apr 23, 2020 1:21 pm
by jomann
The certificate will be re-made if it is deleted or removed, but it does not get updated during an upgrade. If you just want it to generate a new one, delete the cert file (ncpa.crt) and key file (ncpa.key) and then restart the ncpa listener.
Re: NCPA certificate replacement
Posted: Thu Apr 23, 2020 1:40 pm
by hbouma
Just 2 quick questions.
If the cert is deleted, will the checks fail until the service is restarted and the cert recreated?
Also, would we need to delete both the crt file and the key file?
Re: NCPA certificate replacement
Posted: Thu Apr 23, 2020 3:06 pm
by cdienger
If the cert or key are removed then the checks will fail with an UNKNOWN status until they are recreated.
If you delete the key then the next time the service is run it will generate both a new key and new cert.
Re: NCPA certificate replacement
Posted: Thu Apr 23, 2020 3:10 pm
by hbouma
Thank you. That is all we need.