Renew Foreman/Katello SSL certificate

I need to renew SSL certificates on Foreman due to expiry.

Expected outcome:
Foreman working with new certs

Foreman and Proxy versions:
Foreman 3.9 & Katello 4.11. all in one setup.

Foreman and Proxy plugin versions:
Foreman 3.9 & Katello 4.11

Distribution and version:
Rocky 8.9

Other relevant data:

I need to replace the SSL certificates on the current working Foreman setup. The certs are going to expire and I want to add another name to be accepted to the ssl cert. I don’t want to change the file name or the CA or anything else.

My question is after I replace the certificate and key, is restarting the foreman via foreman-maintain is enough for new certs to be picked up or should I run foreman-installer just like I did during the installation?


You should follow the docs Renewing a SSL certificate on Foreman server


Thank you for replying @gvde
I don’t know how I missed that. I think I was just looking in the forum and couldn’t find anything.

Another question on this. When my setup is all-in-one, do I still need to run process for updating the certs on Foreman server and on Smart proxy separately, like it’s mentioned in the guide?

never mind. didn’t need to run the smart proxy stuff.