Certificate expired

Hi Osama

With self signed the other nodes will not trust your FSM and this is not the recommended way.

But in case you want to do so then here is how to do it:

The right way to do is to sign the CSR with your private CA, and the new cert CN should be the FQDN of your FSM, and its IP as SAN (if needed).

When the Supervisor cert expires, you usually generate a new self-signed cert on the Supervisor and then restart the related services so it gets picked up properly. After that, the key part is redistributing the new cert to all nodes workers/collectors so trust is reestablished. For agents Windows/Linux, you typically need to re-import or re-register them so they accept the updated certificate chain. Just make sure to roll it out in a controlled order to avoid trust mismatch or communication breakage.

When the Supervisor certificate expires, you typically don’t try to reuse or repair it you generate a new self-signed certificate and roll it out cleanly. The main work is making sure all connected components like workers, collectors, Windows agents, and Linux agents are updated to trust the new certificate. You also need to properly remove or replace the old cert everywhere to avoid any connection or handshake issues. It’s kind of like a Stair Calculator setup if one step is outdated or mismatched, the whole system starts giving incorrect results.