Certificate Management
Describes how to manage your Roving Edge Infrastructure devices' certificates.
You can view and manage your Roving Edge Infrastructure device nodes' certificates and certificate actions through the Node Management section in your node's Device Console. Each device node has a certificate on it that is created when the device node is provisioned. For each device node, only the latest version of the certificate and the latest action performed on that certificate is maintained. If you create a new certificate, that certificate will be the only one that is visible and the previous certificate is no longer maintained or usable.
Oracle recommends that you to use different Certificate Authorities (CAs) for each order. You can use the same root CA, but use different subordinate CAs. If you use the same CA for all your Roving Edge Infrastructure devices, a compromise in the common root/subordinate CA results in a compromise for all the devices using it.
You can perform the following device node certificate management tasks for your device node:
Renew vs. Create Certificate
You have the option of both renewing an existing certificate on your device node, or creating a new certificate that replaces the existing certificate. Deciding on which action to take depends on whether the subject information used for the certificate is changing. If so, then creating a new certificate incorporates those changes whereas renewing the certificate does not. If no subject information used for the certificate has changed on the device node, then renewing the certificate is sufficient.