Script or command to update admin certificates for hyperledger Fabric on AKS?

Prabu Subramanian 1 Reputation point
2021-11-29T10:05:23.283+00:00

How to update admin certificates which will expire in an year?

Is there script or command ( like azhlf) to update admin certificates and keys & secrets in Kubernetes for Hyperledger Fabric on Azure AKS?

Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,790 questions
Not Monitored
Not Monitored
Tag not monitored by Microsoft.
35,078 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. SRIJIT-BOSE-MSFT 4,311 Reputation points Microsoft Employee
    2021-11-29T11:42:08.737+00:00

    @Prabu Subramanian , thank you for your question.

    To rotate the AKS cluster certificates please follow the instructions here.

    ----
    Hope this helps.

    Please "Accept as Answer" if it helped, so that it can help others in the community looking for help on similar topics.

    1 person found this answer helpful.
    0 comments No comments

  2. Chintan Rajvir 426 Reputation points Microsoft Employee
    2021-12-02T05:58:32.443+00:00

    Hi @Prabu Subramanian ,

    NOTE: HLF 1.4.x was retired by the HLF community in April 2021 (here). HLF on AKS marketplace template retired on end of July, 2021. Please see the note here.

    The HLF on AKS marketplace template (having HLF 1.4.8) allows you to have the complete access to the cluster and the HLF node deployments. With this, you can utilize peer and fabric-ca CLI (binaries from HLF) to execute commands to issue new admin certificates using the deployed Fabric CA in the network and replace the same in a fault-tolerant way in the active channels (including the system channel).

    Currently, we do not have any automation script to achieve this. However, you can reach out to the HLF community for more help.

    Regards,
    Chintan Rajvir

    0 comments No comments