TIBCO Spotfire Server and Node Manager certificate expiry and regeneration
Article ID: KB0072953
Updated On:
| Products | Versions |
|---|---|
| Spotfire Server | 7.5 and higher |
Description
What are server certificates (referred to as certificate below) ?
They help manage trust between the Spotfire server and the Node Manager. For more information.
When does the certificate get verified?
Expiry - A server certificate is considered "about to expire" if it will expire within next 3 / 6 / 12 months (varies with Spotfire version).
Consequences for the system if the certificate expires -
They help manage trust between the Spotfire server and the Node Manager. For more information.
When does the certificate get verified?
- Currently this check happens during startup whether the Tibco Spotfire Server and node manager certificate is about to expire.
- In addition the startup check is repeated once per day for the node manager.
Expiry - A server certificate is considered "about to expire" if it will expire within next 3 / 6 / 12 months (varies with Spotfire version).
Consequences for the system if the certificate expires -
- If it's a server it will be almost completely unavailable (unable to communicate with other nodes)
- If it's a node manager it will restart automatically (the startup check is repeated once per day) - which avoids a complete outage but means that all services are restarted, possibly leading to data loss etc.
Issue/Introduction
This article explains when does the TSS Node (Server / Node Manager) certificate expire and regenerate
Environment
All
Resolution
v10.7 & later:
v7.6 to v10.6:
v7.5:
Recommendation: It is advisable to hotfix and restart the Spotfire environment periodically so that we reduce the likelihood of the above mentioned consequences.
Certificate validity: 24 months.
Certificate regeneration: If the server was restarted within 12 months from expiration, the certificate will regenerate.
Certificate regeneration: If the server was restarted within 12 months from expiration, the certificate will regenerate.
v7.6 to v10.6:
Certificate validity: 12 months.
Certificate regeneration: If the server was restarted within 6 months from expiration, the certificate will regenerate.
Certificate regeneration: If the server was restarted within 6 months from expiration, the certificate will regenerate.
v7.5:
Certificate validity: 12 months.
Certificate regeneration: If the server was restarted within 3 months from expiration, the certificate will regenerate.
Certificate regeneration: If the server was restarted within 3 months from expiration, the certificate will regenerate.
Recommendation: It is advisable to hotfix and restart the Spotfire environment periodically so that we reduce the likelihood of the above mentioned consequences.
Additional Information
Doc: Node Trust and Back-End HTTPS Communication
Feedback
Yes
No
Powered by
