- Le plus récent
- Le plus de votes
- La plupart des commentaires
You should not need to run discovery every time the MQTT server certificate is rotated. When you do discovery, you obtain the GG root CA, which, as you mention expires in 2099. This certificate is not automatically rotated, but can be forced using the Rotate CA button in the console or by using CreateGroupCertificateAuthority. https://docs.aws.amazon.com/greengrass/latest/apireference/creategroupcertificateauthority-post.html
So, if you used the console option to Rotate the CA, you actually did generate a new CA and a new server cert which eventually required your devices to do a new discovery.
There is currently no way to force the rotation of the MQTT server certificate independently from the group CA - in order to do a test you will need to wait 7 days.
=== EDIT ===
You can also change the connectivity information for your GG group to force a server certificate rotation, as this information is part of the certificate
Contenus pertinents
- demandé il y a un an
- demandé il y a 6 mois
- demandé il y a 2 mois
- demandé il y a 3 mois
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a 2 ans