Updating SSL Key and Certificate
Starting with release 17.1.1, Avi Vantage supports the update of non-self-signed certificates.
When a certificate expires or otherwise needs to be replaced, multiple virtual services may be impacted. Manually updating each VS, one by one, to use a replacement certificate presents administrative burden. By updating the certificate in place, Avi Vantage lifts that burden. Updating the pre-existing named certificate is automatically followed by a push to all affected SEs, which in turn causes all affected virtual services to continue without interruption.
Navigate to the SSL/TLS Certificate list. Click the pencil icon at the extreme right of the row to open the certificate editor. Note that any row listing a self-signed certificate will present no such option.
If the Avi SSLKeyAndCertificate object was created via a certificate signing request (CSR), the user has the option to take the CSR, get it re-signed, and upload the new certificate. See below.
On the other hand, if the Avi SSLKeyAndCertificate object was created by importing the private key and certificate, the user may edit and upload a new key-cert pair. See below.