Oracle Cloud Infrastructure Documentation

Making a Certificate Authority Version Current

Make a certificate authority (CA) version the current version to put it into active use.

A CA version marked as anything other than deprecated can be marked as current when you want to use it. You can't make a CA version that's marked as deprecated the current CA version.

    1. Open the navigation menu and click Identity & Security.
    2. Under Certificates, click Certificate Authorities.
    3. From the list of CAs in the compartment, click the name of the CA with the CA version that you want to actively use by making it current.

      To find a CA in a different compartment, under List scope, choose a different compartment.

    4. Under Resources, click Versions.
    5. Under Versions, find the CA version with the bundle that you want to make current.
    6. Click the Actions menu (Actions Menu) for the certificate version, and select Make Current.
    7. Confirm the promotion by clicking Make Current.

  • The command you use to make a CA version the current version depends on whether the CA is a root CA or a subordinate CA.

    For a root CA, use the oci certs-mgmt certificate-authority update-root-ca-by-generating-config-details command and required parameters to make a CA version the current version:

    oci certs-mgmt certificate-authority update-root-ca-by-generating-config-details --certificate-authority-id <CA_OCID> --stage <rotation_state>

    For example:

    oci certs-mgmt certificate-authority update-root-ca-by-generating-config-details --certificate-authority-id ocid1.certificateauthority.oc1.<region>.<unique_id> --stage CURRENT

    For a subordinate CA, open a command prompt and run oci certs-mgmt certificate-authority update-subordinate-ca-issued-by-internal-ca command required parameters to make a CA version the current version:

    oci certs-mgmt certificate-authority update-subordinate-ca-issued-by-internal-ca --certificate-authority-id <CA_OCID> --stage <rotation_state>

    For example:

    oci certs-mgmt certificate-authority update-subordinate-ca-issued-by-internal-ca --certificate-authority-id ocid1.certificateauthority.oc1.<region>.<unique_id> --stage CURRENT

    For a complete list of parameters and values for CLI commands, see the CLI Command Reference.

  • Run the UpdateCertificateAuthority operation to make a CA version the current version.