You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While a certificate can generally be renewed at any time, the updated certificate file (or stored cert) may not actually be applied until a service restarts (such as Apache, MS Remote Desktop Gateway etc).
Ideally a user should be able to specify when to deploy a renewed certificate:
Time of day
Day of Week/Month
This would effectively be the post-request stage of the renewal process, including the post-request scripting (if any). This would require determining how to handle certificate stored before deployment (is it applied to the certificate store already?) and UI to specify target date/time preferences.
This overall concept is that many users will have a 'maintenance window' where they can tolerate service restarts etc. The assumption is that this would only take place if the certificate renewal has already succeeded (as a renewal can take multiple attempts and must tolerate failure, whereas deployment is generally expected to only happen once per renewed certificate).
The text was updated successfully, but these errors were encountered:
Yes, this is planned for v5 (the next major version) which already has most of this functionality in the new Deployment Tasks feature (some or all deployment steps can be deferred and run from command line or as a scheduled task, or from the UI on demand).
While a certificate can generally be renewed at any time, the updated certificate file (or stored cert) may not actually be applied until a service restarts (such as Apache, MS Remote Desktop Gateway etc).
Ideally a user should be able to specify when to deploy a renewed certificate:
This would effectively be the post-request stage of the renewal process, including the post-request scripting (if any). This would require determining how to handle certificate stored before deployment (is it applied to the certificate store already?) and UI to specify target date/time preferences.
This overall concept is that many users will have a 'maintenance window' where they can tolerate service restarts etc. The assumption is that this would only take place if the certificate renewal has already succeeded (as a renewal can take multiple attempts and must tolerate failure, whereas deployment is generally expected to only happen once per renewed certificate).
The text was updated successfully, but these errors were encountered: