A few years ago we were managing CF 11 servers and slowly migrating to Lucee. One day all connectivity between CF and the database stopped; this was due to an expired cert in the keystore that was blocking the connectivity. It took us a while to figure out but caused quite a lot of disruption. I put this down to maintaining an out of date version of CF and expedited our move to Lucee.
We are now on Lucee completely for our main apps and all is going well… I have a couple of commandbox tasks that run something non critical in the background and this flagged up the same error as before: PKIX path building failed etc. It wasn’t too much of an issue; I just deleted the commandbox libraries and reinitialised - all sorted.
It got me thinking about the old issue and our main apps - what is the best way to avoid this happening again ? Is the certificate(s) renewed as part of the MSSQL Extension updates, or during a full lucee upgrade? What would be the best way to monitor this and also prevent reoccurrence?
Any help pointing in the right direction would be greatly welcomed.
Currently running 6.2.2.91