Unsolved
This post is more than 5 years old
32 Posts
0
3412
Avamar Session Security Configuration
Morning/Afternoon/Evening,
Does anyone have any experience using the Avamar 7.3+ functionality of the Avamar Session Security Configuration?
Specifically what happens after the certificate expiration date passes and new certificates need to be generated? The default is 5 years but you can change this by editing the mcserver.xml, however, once the expiration date passes are new certs automatically generated and what does that mean for all the existing clients that have been happily backing up for 5 years? Do all those clients have to re-register with the Avamar? Obviously in a live envirinament this is not ideal if that is the case.
Any feedback very welcomed.
Neil
ionthegeek
2K Posts
0
June 20th, 2017 05:00
The Session Security workflow has advanced options that allow you to regenerate the Avamar Server certificate (and optionally the CA certificate). As far as I know the certificates will never be regenerated automatically. I would not recommend generating certificates with expiration times longer than five years since a lot can change in crypto in that amount of time.
Also, please note that there are significant improvements planned for certificate handling in the product so any information I give you will almost certainly be stale by the time these certificates begin to expire.