Making a Certificate Authority Version Current

• Console
• CLI
• API

• 1. On the Certificate Authorities list page, select the name of the CA with the CA version that you want to actively use by making it current. If you need help finding the list page, see Listing Certificate Authorities.

     To find a CA in a different compartment, under List scope, select a different compartment.

  2. Under Resources, select Versions.
  3. Under Versions, find the CA version with the bundle that you want to make current.
  4. Select the Actions menu () for the certificate version, and select Make Current.
  5. Confirm the promotion by selecting Make Current.

• The command you use to make a CA version the current version depends on whether the CA is a root CA or a subordinate CA.

  For a root CA, use the oci certs-mgmt certificate-authority update-root-ca-by-generating-config-details command and required parameters to make a CA version the current version:

  oci certs-mgmt certificate-authority update-root-ca-by-generating-config-details --certificate-authority-id <CA_OCID> --stage <rotation_state>

  For example:

  oci certs-mgmt certificate-authority update-root-ca-by-generating-config-details --certificate-authority-id ocid1.certificateauthority.oc1.<region>.<unique_id> --stage CURRENT

  For a subordinate CA, open a command prompt and run oci certs-mgmt certificate-authority update-subordinate-ca-issued-by-internal-ca command required parameters to make a CA version the current version:

  oci certs-mgmt certificate-authority update-subordinate-ca-issued-by-internal-ca --certificate-authority-id <CA_OCID> --stage <rotation_state>

  For example:

  oci certs-mgmt certificate-authority update-subordinate-ca-issued-by-internal-ca --certificate-authority-id ocid1.certificateauthority.oc1.<region>.<unique_id> --stage CURRENT

  For a complete list of parameters and values for CLI commands, see the CLI Command Reference.

• Run the UpdateCertificateAuthority operation to make a CA version the current version.