-
Notifications
You must be signed in to change notification settings - Fork 845
Rotating Director Cert
Ciro S. Costa edited this page Apr 29, 2019
·
1 revision
# install CLI for https://sslmate.com
brew install sslmate
# get username/password
lpass show -G sslmate
# log in
sslmate link
# renew cert
sslmate renew bosh.concourse.ci
To verify the renewal, log in at https://mail.google.com using the user/pass in lpass show 'Concourse SSL Administrator'
. The certificates will be downloaded into the working directory. They can also be downloaded via sslmate download bosh.concourse.ci
.
Next, run lpass edit 'Prod bosh.yml Credentials' --notes
and fill in director_cert
and director_key
by taking the contents of bosh.concourse.ci.chained.crt
and bosh.concourse.ci.key
, respectively.
Then, run make
in the prod
directory in the deployments
repo.
NOTE: this may result in re-creating the forwarding rules and thus new IPs that we need to set in Route 53. You'll see them in the output, in green. The credentials for Route 53 are available under `lpass show 'Shared-Concourse/AWS'.