Skip to content

Rotating Director Cert

Jump to bottom Edit New page
Ciro S. Costa edited this page Apr 29, 2019 · 1 revision 
# install CLI for https://sslmate.com
brew install sslmate

# get username/password
lpass show -G sslmate

# log in
sslmate link

# renew cert
sslmate renew bosh.concourse.ci

To verify the renewal, log in at https://mail.google.com using the user/pass in lpass show 'Concourse SSL Administrator'. The certificates will be downloaded into the working directory. They can also be downloaded via sslmate download bosh.concourse.ci.

Next, run lpass edit 'Prod bosh.yml Credentials' --notes and fill in director_cert and director_key by taking the contents of bosh.concourse.ci.chained.crt and bosh.concourse.ci.key, respectively.

Then, run make in the prod directory in the deployments repo.

NOTE: this may result in re-creating the forwarding rules and thus new IPs that we need to set in Route 53. You'll see them in the output, in green. The credentials for Route 53 are available under `lpass show 'Shared-Concourse/AWS'.

Add a custom footer

Project Management

Contributing

Community Content

Troubleshooting

Pivotal 👀 only

Clone this wiki locally