Airlock as a Service Knowledge Base
API Reference Service Status Airlock Console
airlock.com

Rotate secrets, key pairs and certificates

Recommendation
We recommend rotating secrets and key pairs regularly, or immediately if they are compromised.

Risk
Changing a secret or key pair does not take effect immediately. Changes are applied only when the configuration is next activated.

Secrets and key pairs can be rotated in the ALSAASPM-N-164.

Rotate a secret/key pair

Notice
It is not possible to amend an existing secret or key pair

  1. Create a new secret/key pair

  2. Copy the resulting file paths/key alias into the medusa.xml

  3. Zip and upload the configuration.

  4. Activate the configuration

Rotate a certificate without changing the private key

  1. Issue and downloaded a new CSR from the respective key pair.

  2. Sign the CSR and upload the certificate.

  3. Reactivate the current configuration. No modification of the medusa is necessary.