(Centos 7 server / WHM 58.0 build 32)
I am calling UAPI install_ssl to install a wildcard cert on a subdomain on my server. The script works fine when installing a certificate on a subdomain with no existing certificate installed. Now I have a wildcard cert installed on this account (expires in February 2017) and I want to test the renewal process via my script that handles updating the cert when it is close to expiration.
I generated a new wildcard SSL certificate and I call UAPI install_ssl function to install it. It returns with a message: "This certificate was already installed on this host. The system made no changes" and the updated certificate is not installed, which makes sense.
I realize the current certificate is not due to expire until next year, but I want to test the renewal process by installing a new copy of the wildcard cert on this account. I am unsure if this function will allow the new certificate to be installed over the current certificate at a later time, closer to it's expiration date or if I need to do something manually to "force" the installation of a new SSL cert via the UAPI when one already exists on that account.
My questions:
1) Does the UAPI install the new cert based on the expiration date of the current certificate (assuming one is installed)? If so, when does this function actually succeed in updating the certificate with the new one provided (that is, how close to the old cert's expiration date)?
2) Is there a way to force the installation of the new certificate regardless of the existing cert's expiration, short of deleting the existing cert using UAPI SSL::delete_cert and then attempting the installation of the new cert?
Thanks!
I am calling UAPI install_ssl to install a wildcard cert on a subdomain on my server. The script works fine when installing a certificate on a subdomain with no existing certificate installed. Now I have a wildcard cert installed on this account (expires in February 2017) and I want to test the renewal process via my script that handles updating the cert when it is close to expiration.
I generated a new wildcard SSL certificate and I call UAPI install_ssl function to install it. It returns with a message: "This certificate was already installed on this host. The system made no changes" and the updated certificate is not installed, which makes sense.
I realize the current certificate is not due to expire until next year, but I want to test the renewal process by installing a new copy of the wildcard cert on this account. I am unsure if this function will allow the new certificate to be installed over the current certificate at a later time, closer to it's expiration date or if I need to do something manually to "force" the installation of a new SSL cert via the UAPI when one already exists on that account.
My questions:
1) Does the UAPI install the new cert based on the expiration date of the current certificate (assuming one is installed)? If so, when does this function actually succeed in updating the certificate with the new one provided (that is, how close to the old cert's expiration date)?
2) Is there a way to force the installation of the new certificate regardless of the existing cert's expiration, short of deleting the existing cert using UAPI SSL::delete_cert and then attempting the installation of the new cert?
Thanks!
