You can replace an expired self-signed certificate with a valid certificate for Tenant App.

1. Log in to Tenant App VA as root and navigate to "/etc/ssl" using the command, # cd /etc/ssl.
2. Execute the commands in the following sequence.
   • # openssl genrsa -out app.key 2048
   • # openssl rsa -in app.key -out app.key
3. Replace "/CN=localhost" with customer domain in the command, # openssl req -sha256 -new -key app.key -out app.csr -subj '/CN=localhost'.
4. Replace "-day 356" based on your requirement in the command, # openssl x509 -req -sha256 -days 365 -in app.csr -signkey app.key -out app.crt # cat app.crt app.key > app.pem.
5. Restart the openssl by using the command, # systemctl restart sshd.
6. Reboot Tenant App using the command, # reboot.