Oracle Cloud Infrastructure Documentation

Editing a Certificate Authority

Edit a certificate authority (CA) when you need to change its properties.

You can update any certificate authority properties besides the name and OCID. However, you can't update all properties by using the Console. To update the current version number, you must do that separately from updates to any other properties. Making a version the current version puts it into active use and involves more than other property changes.

  • You can only update the certificate authority description by using the Console.
    1. On the Certificate Authorities list page, select the certificate authority that you want to work with. If you need help finding the list page or the certificate authority, see Listing Certificate Authorities.
      The certificate authority's details page opens.
    2. On the certificate authority's details page, select Edit.
      The Edit certificate authority panel opens.
    3. Update the existing description.
    4. Select Update.

  • The command that you use to update a certificate authority depends on whether it is a root certificate authority or a subordinate certificate authority. Either use the oci certs-mgmt certificate-authority update-root-ca-by-generating-config-details command and required parameters or the oci certs-mgmt certificate-authority update-subordinate-ca-issued-by-internal-ca command and required parameters to edit a certificate authority's description.

    You can also update a certificate authority's rules and revocation configuration. For more information about updating a certificate authority's rules, see Editing Certificate Authority Rules. For information about updating a certificate authority's revocation configuration, see Editing a Certificate Revocation List.

    To edit the description of a root certificate authority, open a command prompt and run oci certs-mgmt certificate-authority update-root-ca-by-generating-config-details:

    oci certs-mgmt certificate-authority update-root-ca-by-generating-config-details --certificate-authority-id <CA_OCID> --description <new_description> [OPTIONS]

    For example:

    oci certs-mgmt certificate-authority update-root-ca-by-generating-config-details --certificate-authority-id ocid1.certificateauthority.oc1.<region>.<unique_id> --description "my root CA"

    To edit the description of a subordinate certificate authority, open a command prompt and run oci certs-mgmt certificate-authority update-subordinate-ca-issued-by-internal-ca:

    oci certs-mgmt certificate-authority update-subordinate-ca-issued-by-internal-ca --certificate-authority-id <CA_OCID> --description <new_description> [OPTIONS]

    For example:

    oci certs-mgmt certificate-authority update-subordinate-ca-issued-by-internal-ca --certificate-authority-id ocid1.certificateauthority.oc1.<region>.<unique_id> --description "my subordinate CA"

    For a complete list of parameters and values for CLI commands, see the CLI Command Reference.

  • Run the UpdateCertificateAuthority operation to update a certificate authority.