google / grr

GRR Rapid Response: remote live forensics for incident response

Home Page:https://grr-doc.readthedocs.io/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Rotating Database Application Certificates?

joesypula opened this issue · comments

commented

Hello,

I have just updated my AWS RDS MySQL 5.6.41 Certificate.

I was hoping to get some guidance on how to update the GRR application so it can use the new database cert.

Do all components, ie Worker, admin, frontend need to be re-configured to use the new cert? If so ,is there any documentation on how to do this? I see the grr_config_updater rotate_server_key command, but am unsure if I need to run this on all components.

Thank you

grr_config_updater rotate_server_key is unrelated. If I understand correctly, you rotated the TLS certificate that is used by GRR to connect to your MySQL instance?

Update the GRR configuration to point to the new certificate if needed, then a restart of all GRR components (AdminUI, Worker, Frontend) should be enough to make GRR load and use the new certificate.

commented