Agent certificate rotation
The Agent Client Collector certificate is valid for two years and must be rotated before it expires to avoid issues with agent connectivity. When expiration is approaching, the agent initiates a certificate rotation request.
When an Agent Client Collector's certificate expiration is approaching, system properties verify that a valid certificate is in place when the existing certificate expires.
- certificate-rotation-days-out: Indicates the number of days before certificate expiration that an agent attempts to rotate its certificate. Configured in the acc.yml configuration file. Default = 28.
- sn_agent.certificate_rotation_days_out: Indicates the number of days before certificate expiration that the system accepts a certificate rotation request for a specific agent. Configured on the System Properties page (). Default = 28.