Updating a Certificate PEM

For imported certificates and certificates with a private key that you manage externally, you can't use the Certificatesservice to automate renewal for the certificate, but you can update the certificate yourself. A new PEM can contain an SSL certificate, the certificate's private key, an SSL certificate chain with certificates and their associated private keys, or a certificate signing request (CSR) signed by the issuing third-party certificate authority (CA).

• Console
• CLI
• API

• 1. Open the navigation menu and click Identity & Security.
  2. Under Certificates, click Certificates.
  3. From the list of certificates in the compartment, click the name of the certificate that you want to update.

     To find a certificate in a different compartment, under List scope, choose a different compartment.

  4. Under Versions, click Renew Certificate.
  5. For externally managed certificates, provide a new CSR. For imported certificates, provide new certificate contents by doing one of the following:
     • For the CSR or each component of the certificate, click Upload File, and then click Select One to upload the PEM file.
     • For the CSR or each component of the certificate, click Paste Content, and then click the text box to paste the PEM file contents directly.
  6. (Optional) For imported certificates, if the private key has a passphrase, click Private Key PEM Passphrase and provide the passphrase.
  7. When you're ready, click Renew Certificate.
• Note
  
  The command that you use to update a certificate PEM depends on whether the certificate has a private key that you manage externally or whether the certificate was issued by a third-party certificate authority (CA) and then imported.

  Use the oci certs-mgmt certificate update-certificate-managed-externally command and required parameters to update a certificate that has a private key that you manage externally:

  oci certs-mgmt certificate update-certificate-managed-externally --certificate-id <certificate_OCID> --csr-pem <certificate_signing_request_PEM>

  For example:

  oci certs-mgmt certificate update-certificate-managed-externally --certificate-id ocid1.certificate.oc1.<region>.<unique_ID> --csr-pem file://path/to/csr.pem

  Or, use the oci certs-mgmt certificate update-certificate-by-importing-config-details command and required parameters to update a certificate that you imported:

  oci certs-mgmt certificate update-certificate-by-importing-config-details --certificate-id <certificate_OCID> --certificate-pem <certificate_PEM> --private-key-pem <certificate_private_key_PEM> --cert-chain-pem <certificate_chain_PEM>

  For example:

  oci certs-mgmt certificate update-certificate-by-importing-config-details --certificate-id ocid1.certificate.oc1.<region>.<unique_ID> --certificate-pem file://path/to/certificate.pem --private-key-pem file://path/to/privatekey.pem --cert-chain-pem file://path/to/certificatechain.pem

  For a complete list of flags and variable options for CLI commands, see the CLI Command Reference.

• Run the UpdateCertificate operation to update a certificate PEM.