Univention Bugzilla – Bug 55067
consider removal UMC module "certificate settings"
Last modified: 2022-08-04 11:29:18 CEST
The usiage of the UMC module "certificate settings" will most likely even in a non-complex environment cause more or less severe problems. In any case additional steps to be done using CLI will be necessary. It should be considered if the module can be completely removed and maybe replaced by a documentation in https://docs.software-univention.de/manual/5.0/de/domain-ldap/ssl.html
If you change any setting a new root-CA-certificate will be created; all previous certificates thus become invalid and must be re-newed and re-deployed manually as described in <https://help.univention.com/t/renewing-the-ssl-certificates/37>. Reverting such a mistake requires restoring the SSL certificates from backup. As such is is a major usability problem if used by accident. There is Bug #30294 for implementing automatic certificate renewal. Only then would the UMC module be useful again.