mirror of
https://github.com/dyzulk/trustlab-docs.git
synced 2026-01-27 05:51:58 +07:00
36 lines
1.5 KiB
Plaintext
36 lines
1.5 KiB
Plaintext
---
|
|
id: renewal
|
|
title: Renewal Process
|
|
description: Certificates expire to ensure security rotation. TrustLab simplifies the renewal process so you don't experience downtime.
|
|
---
|
|
|
|
# Renewal Process
|
|
|
|
Certificates expire to ensure security rotation. TrustLab simplifies the renewal process so you don't experience downtime.
|
|
|
|
## When to Renew
|
|
You will receive an email notification:
|
|
- **30 days** before expiration.
|
|
- **7 days** before expiration.
|
|
- **1 day** before expiration.
|
|
|
|
## How to Renew (Manual Re-issue)
|
|
|
|
To renew a certificate, you simply generate a fresh one with the same domain name.
|
|
|
|
1. Go to **Certificates** and click **"Generate New"**.
|
|
2. **Identity**: Enter the **same Common Name (CN)** as your expiring certificate.
|
|
3. **Generate**: The system will issue a new certificate with a fresh validity period.
|
|
4. **Replace**: Download the new `.crt` (and `.key` if you didn't reuse the CSI) and replace the files on your server.
|
|
|
|
> [!NOTE]
|
|
> The old certificate will remain valid until it expires naturally. You can safely delete it after verifying the new one works.
|
|
|
|
## What Happens Next?
|
|
- A **new certificate** is generated with a new validity period.
|
|
- The **Private Key** remains the same (if "Reuse Key" was selected) OR a new key is generated (recommended).
|
|
- The old certificate remains valid until its original expiration date (unless revoked).
|
|
|
|
> [!IMPORTANT]
|
|
> You must **download and install the new certificate** on your server. Renewal **does not** happen automatically on the server side unless you use our ACME integration.
|