Certificate ldap.crt expired no login possible

[typomedia]

Describe the bug

I'm using OCIS since version 2.0.0. I have not been able to log in for a few days now. After updating to 3.0.0, the problem persisted.
I then took a closer look at the logs and found that the certificates for LDAP in /var/lib/ocis/idm had expired.

How can I renew them?

Steps to reproduce

openssl x509 -in /var/lib/ocis/idm/ldap.crt -text -noout
Certificate:
        ...
        Issuer: O = Acme Corp, CN = OCIS
        Validity
            Not Before: Nov 19 14:53:06 2022 GMT
            Not After : Nov 19 14:53:06 2023 GMT
        Subject: O = Acme Corp, CN = OCIS
...

Actual behavior

Setup

Please describe how you started the server and provide a list of relevant environment variables or configuration files.

OCIS_INSECURE=true
OCIS_URL=https://example.com

PROXY_HTTP_ADDR=0.0.0.0:9200
PROXY_TLS=false

OCIS_LOG_LEVEL=error
OCIS_CONFIG_DIR=/etc/ocis
OCIS_BASE_DATA_PATH=/var/lib/ocis

Workaround

In order to backup my file and being able to log in again, I have moved the certificates.
After that you can log in again...

root@owncloud:/var/lib/ocis/idm# mv ldap.crt ldap.crt.bak
root@owncloud:/var/lib/ocis/idm# mv ldap.key ldap.key.bak

After upgrading from 2.0.0 to 3.0.0 I had to delete /var/lib/ocis/search. Otherwise the search service won't start/work

Nov 26 15:03:48 owncloud ocis[3273]: {"level":"error","service":"search","error":"error parsing mapping JSON: unexpected end of JSON input\nmapping contents:\n","time":"2023-11-26T15:03:48.222466163Z","message":"Error initializing search service"}

systemctl stop ocis
rm -rf /var/lib/ocis/search
systemctl start ocis

[typomedia]

By [re]moving the ldap.crt and ldap.key and restarting ocis the certificates seem to be recreated. I'm not sure now, if it happened only after upgrading to 3.0.0.

[2403905]

Does the search work properly after re-indexing?

[typomedia]

Does the search work properly after re-indexing?

Yes! Everything is working fine. Reindexing took several minutes.