bosh: x509: certificate has expired or is not yet valid

Hi Team,

We forgot to rotate out bosh env cert on time and now while targetting same giving errors as below:

bosh deployments
Fetching info:
  Performing request GET 'https://10.xxx.xx.xxx:25555/info':
    Performing GET request:
      Get https://10.xxx.xx.xxx:25555/info: x509: certificate has expired or is not yet valid

Exit code 1

Please help how we can rotate certs without any downtime for services deployed there, if not feasible what could be best solution here.

Best Regards Ganesh

About this issue

  • Original URL
  • State: closed
  • Created 5 years ago
  • Comments: 22 (7 by maintainers)

Most upvoted comments

Hello @kumarganesh2814 ,

The best way to replace the certs now is to do the following: https://bosh.io/docs/nats-ca-rotation/#expired

You’ll need to remove the existing creds, recreate the director (no downtime for deployed apps), and then recreate --fix all your deployments. You may experience downtime here, depending on how your deployed jobs are configured.

+2
h4xnoodle on Nov 11, 2019
Read more comments on GitHub
← bosh: Two releases with a same named package fail
cf-java-client: Firehose netty leaks with reactor 3.1.2+0.7.2 Fails with reactor 3.1.3+0.7.3 →