Updating a Certificate PEM
For imported certificates and certificates with a private key that you manage externally, you can't use the Certificatesservice to automate renewal for the certificate, but you can update the certificate yourself. A new PEM can contain an SSL certificate, the certificate's private key, an SSL certificate chain with certificates and their associated private keys, or a certificate signing request (CSR) signed by the issuing third-party certificate authority (CA).
- Note
The command that you use to update a certificate PEM depends on whether the certificate has a private key that you manage externally or whether the certificate was issued by a third-party certificate authority (CA) and then imported.Use the oci certs-mgmt certificate update-certificate-managed-externally command and required parameters to update a certificate that has a private key that you manage externally:
oci certs-mgmt certificate update-certificate-managed-externally --certificate-id <certificate_OCID> --csr-pem <certificate_signing_request_PEM>
For example:
oci certs-mgmt certificate update-certificate-managed-externally --certificate-id ocid1.certificate.oc1.<region>.<unique_ID> --csr-pem file://path/to/csr.pem
Or, use the oci certs-mgmt certificate update-certificate-by-importing-config-details command and required parameters to update a certificate that you imported:
oci certs-mgmt certificate update-certificate-by-importing-config-details --certificate-id <certificate_OCID> --certificate-pem <certificate_PEM> --private-key-pem <certificate_private_key_PEM> --cert-chain-pem <certificate_chain_PEM>
For example:
oci certs-mgmt certificate update-certificate-by-importing-config-details --certificate-id ocid1.certificate.oc1.<region>.<unique_ID> --certificate-pem file://path/to/certificate.pem --private-key-pem file://path/to/privatekey.pem --cert-chain-pem file://path/to/certificatechain.pem
For a complete list of flags and variable options for CLI commands, see the CLI Command Reference.
Run the UpdateCertificate operation to update a certificate PEM.