GLUU Ldap Certificate Update

By: Praveen Srinivasan user 30 Apr 2021 at 6:29 a.m. CDT

4 Responses
Praveen Srinivasan gravatar
Hi Team, When we install fresh GLUU, opendj.crt is created by default and it is valid for 1 year. After 1 year due the crt expiration oxauth and oxtrust services throwing error while connecting to ldap. Is there a way to update the opendj certificate in GLUU? I can see that we can update Httpd certificate by following https://gluu.org/docs/gluu-server/4.2/admin-guide/certificate/ link. But I couldn't find a way to update opendj ssl.
Gluu 4.2.1 Ubuntu 18.04
closed

Answers

By Mobarak Hosen Shakil staff 01 May 2021 at 8:29 a.m. CDT

Copy
Mobarak Hosen Shakil gravatar
Hi Praveen Srinivasan, I found that the opendj has 20yrs validity and others (apache, idp) valid for 1yr. ![screenshot.png](https://i.ibb.co/JmxQrbD/Screenshot-from-2021-05-01-08-02-26.png) Please do a check and correct me if i am wrong. Thanks & Regads ~ Shakil

By Mohib Zico staff 01 May 2021 at 1:47 p.m. CDT

Copy
Mohib Zico gravatar
Indeed. OpenDJ cert should never expire within one year. That's how it is. Thanks for double checking, Shakil.

By Praveen Srinivasan user 02 May 2021 at 4:06 a.m. CDT

Copy
Praveen Srinivasan gravatar
Hi team, My question is if the certificate is expired, what is the procedure to update? I can see in my environment the certificate will be expired in Feb 2022 (Find the screenshot below). ![enter image description here](https://i.ibb.co/86PpM7Z/screenshot-2021-05-02-14-39-03.png "enter image title here") Same like in another environment the certificate is expired already. What is the procedure to update the certificate?

By Mohib Zico staff 02 May 2021 at 9:32 a.m. CDT

Copy
Mohib Zico gravatar
Hi Praveen, Actually, Gluu is not yet 20 years old company so none of our customers or we ever faced this issue yet. Here is another screenshot of a default installation of 4.2.3 attached. However, this is a good point... "How to update OpenDJ certificate". And, you can start with [this](https://backstage.forgerock.com/knowledge/kb/article/a72105266) doc. May be in future, if required we will publish a doc publicly on how to renew WrenDS certificate inside Gluu Server.
Capture.PNG

Post an answer