ID: 13691
Title: Renew old site certificates during update
Component: Setup
Level: 1
Class: New feature
Version: 2.1.0i1
Older certificates that do not include the server name
extension need to be updated in order to support the new
agents TLS encryption.
The old certificate is moved to <tt>[my_site].pem.bak</tt>,
and a new one is created.
The existing site local root CA, which signed the previous
certificate, is used to sign the new certficate.
Since the trust between distributed sites is established
with the local root CA, no additional action is needed.