Nexus - KL gateway - certs 2026 by LindaLawton · Pull Request #100 · trifork/klg-docs

LindaLawton · 2026-04-22T09:34:20Z

new certs for KL gateway old certs expire 26/04/201

we need these added ASAP please.

new certs for KL gateway old certs expire 26/04/2016

ohetrifork · 2026-04-23T06:11:12Z

Hi @LindaLawton
I may find time to do it later this afternoon. Would you prefer to have new clientIds (such that both old and new certificates can be used simultaneously) or re-use the existing clientIds?

LindaLawton · 2026-04-23T06:42:10Z

If you can leave both that would be wonderful.

It will mean i dont have to time our server restart with you adding it.

I really appreciate you having time to do it today

Linda

ohetrifork · 2026-04-23T06:46:49Z

👍 I'll keep you updated on this issue

ohetrifork · 2026-04-23T06:55:37Z

@LindaLawton
It seems that the TEST and PROD certificates are identical... that doesn't sound right to me?

LindaLawton · 2026-04-23T06:58:53Z

As far as i can see the test and prod ones where identical before.

This is not a "kamp" i can take up right now
.

It may be something for another day.

ohetrifork · 2026-04-23T07:30:29Z

@LindaLawton
The public keys I currently see registered for test do not match any of the public keys for production, so I don't see any issue there. However, we can't whitelist the same public key for test as for production, because this allows you to sent production data to the test environment.
I will continue with whitelisting your production public key, but I will have to request another public key from you for the test environment.

Decoding the test certificate, I see this:
Common Name: NEXUS KL Gateway PROD

ohetrifork · 2026-04-23T08:17:03Z

Can you confirm that your current production clientId is "kmd-nexus-prod-2023-06"?

(that is the one I'll be updating, unless noticed otherwise)

LindaLawton · 2026-04-23T08:32:09Z

Not sure how to verify that the current one is in Azure secret and i dont have access to see it let me see if someone in the cloud security can tall me

Leave test for now we can deal with that after we Are sure production is working

LindaLawton · 2026-04-23T09:18:11Z

Yes thats the client id

ohetrifork · 2026-04-23T09:19:51Z

I have reserved a service window at 14-15 today to replace the current public key. I will give notice here when it has been completed.

ohetrifork · 2026-04-23T12:10:26Z

The PROD public key has been replaced now.
I will keep this PR open until the test certificate part has been clarified.

ohetrifork · 2026-04-24T06:37:38Z

I see lots of reports coming in tp PROD001 since yesterday, so the certificate change looks successful 👍

LindaLawton · 2026-04-24T07:03:45Z

Thank you for making time for this.

I havent heard anything from our side. Im going to send a few messages to be 100% sure

Nexus - KL gateway - certs 2026

3a03465

new certs for KL gateway old certs expire 26/04/2016

Conversation

LindaLawton commented Apr 22, 2026

Uh oh!

ohetrifork commented Apr 23, 2026

Uh oh!

LindaLawton commented Apr 23, 2026

Uh oh!

ohetrifork commented Apr 23, 2026

Uh oh!

ohetrifork commented Apr 23, 2026

Uh oh!

LindaLawton commented Apr 23, 2026

Uh oh!

ohetrifork commented Apr 23, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

ohetrifork commented Apr 23, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

LindaLawton commented Apr 23, 2026

Uh oh!

LindaLawton commented Apr 23, 2026

Uh oh!

ohetrifork commented Apr 23, 2026

Uh oh!

ohetrifork commented Apr 23, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

ohetrifork commented Apr 24, 2026

Uh oh!

LindaLawton commented Apr 24, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

ohetrifork commented Apr 23, 2026 •

edited

Loading

ohetrifork commented Apr 23, 2026 •

edited

Loading

ohetrifork commented Apr 23, 2026 •

edited

Loading