While building a Corda network with multiple nodes and parties, how is the certificate renewal managed? Once a new certificate is issued to a node/party, how does that affect the earlier transactions and any ongoing transactions?
1 Answer
What you're asking about depends on the TYPE of Corda network, right?
So for example:
A bootstrapped network is "hard coded" from the beginning, meaning the certs and network map are all generated by the network bootstrapper (https://docs.corda.net/docs/corda-os/4.7/network-bootstrapper.html). This is also what's normally used when running the Gradle deployNodes task.
A production network usually has a network manager that handles most of the tooling here. That means that your nodes would just connect to the network manager, and so you're not going to be as worried. You may need to generate a couple of certs at the beginning, but after that you're good. For a good example, take a look at this example of Kubernetes where the certs are generated on the Corda firewall: https://github.com/corda/corda-kubernetes-deployment/tree/master/corda-pki-generator