Hello All,
Does anyone have a good procedure for rotating MySQL certs on an active-passive setup without downtime?
Please check the DB version; if it is >= 8.0.16, then you can rotate the new certificates dynamically; else MySQL service restart is required to rotate the certificates for other versions of MySQL.
https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html#sysvar_ssl_cert