If we aren’t using the Enterprise version of Linkerd, is there a way we could create a script to automate the renewal of the certifications that are needed to keep Linkerd running?
Or how could we extend the life of a certification so we wouldn’t need to renew it as often? And in order to set up or own certifications would we need to remove and reinstall Linkerd?
To be clear: it’s not possible to extend the life of a certificate without rotating it. But that’s OK, because rotating is the safer thing to do anyway.
As long as you rotate before the certificate expires, you’re good. Best practice here is that you rotate about 2/3 of the way through the certificate’s life, to give yourself time to correct any problems.
Please review the docs and set up certificate rotation in a test cluster. That will answer the remainder of your questions around certificate rotation. You can also review the cert-manager docs themselves for any additional cert-manager questions you have.