.png?width=180&height=32&name=NW%20Logo%20(2).png){kind=small}
Reissue Node Certificates
Tags: Documentation
The NetWitness Peer-to-Peer network (Nebula) is secured with PKI based transport encryption. A Certificate Authority (CA) is created on the Admin Server and all SASE based nodes, the PPN-Server (Lighthouse) and the Admin Server are all issued and configured with node certificates to enable secure internode communication.
The Nebula certificates are created with expirations that match the Platform based certificate policy. The Nebula CA Certificate is issued with a 10-year expiration while the node certificates have a 3-year expiration. A specific node’s certificates (private/public) can be reissued and applied via the following command:
nw-create-cloud-hybrid --reissue-node-certs
- Options:
--uuid
- Description:
UUID of the specific node (Required)
- Options: --deployment-model
- Description:
Optional Name of deployment model in template
defaults to pre-defined 'gcp default'
- Options: --cloud-key-path
- Description:
Optional Cloud Service Account Json-based key data path
GCP will default to /root/.gcp/gcp-auth-token.json
This command replaces the Nebula certificates for the specified node in the SASE Deployment.