Below are instructions for temporarily delaying key rotation in MOSIP 1.1.5 when the MOSIP module keys are set to expire.

This will only work if there is no trust validation enabled for Biometric devices and IDA key-rotation is not required.

📘 Instructions

  1. Identify which keys will expire in the kernel key manager by running the following query:

    -- keys expiring within the next 30 days: module keys (empty ref_id) and all KERNEL keys
    select * from key_alias ka
    where key_expire_dtimes >= current_date and key_expire_dtimes < current_date + 30
    and (ref_id = '' or app_id = 'KERNEL');

  2. Now, set the key_expire_dtimes to a future date for all the keys that are returned from the query in step #1 except for the key with app_id KERNEL. Do not modify the expiry of the kernel key.

  3. On the day of expiry, when a request is made to the key manager, the system will automatically generate a new KERNEL SIGN key with an expiry date of 3 years.
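
Steps 1 and 2 as a single PostgreSQL transaction, as an added example that is not part of the original instructions. The backup table name `key_alias_expiry_backup` and the 90-day extension are assumptions chosen for illustration; only the `key_alias` table and the `key_expire_dtimes`, `ref_id` and `app_id` columns come from the page.

```sql
-- Added example, not from the original page. PostgreSQL syntax.
BEGIN;

-- Keep the original rows so the change can be audited and reverted.
-- key_alias_expiry_backup is a hypothetical table name.
CREATE TABLE key_alias_expiry_backup AS
SELECT *
FROM key_alias
WHERE key_expire_dtimes >= current_date
  AND key_expire_dtimes <  current_date + 30
  AND (ref_id = '' OR app_id = 'KERNEL');

-- Step 2: extend every key returned by step 1 except those with app_id KERNEL.
-- The 90-day extension is a constructed sample value; pick the date you need.
UPDATE key_alias
SET key_expire_dtimes = key_expire_dtimes + interval '90 days'
WHERE key_expire_dtimes >= current_date
  AND key_expire_dtimes <  current_date + 30
  AND (ref_id = '' OR app_id = 'KERNEL')
  AND app_id <> 'KERNEL'
RETURNING app_id, ref_id, key_expire_dtimes;

-- Check 1: rerunning the step 1 query should now return only KERNEL rows,
-- with their expiry unchanged.
SELECT app_id, ref_id, key_expire_dtimes
FROM key_alias
WHERE key_expire_dtimes >= current_date
  AND key_expire_dtimes <  current_date + 30
  AND (ref_id = '' OR app_id = 'KERNEL');

-- Check 2: KERNEL rows must still match the backup. Expect zero rows here.
SELECT b.app_id, b.ref_id, b.key_expire_dtimes AS before, k.key_expire_dtimes AS after
FROM key_alias_expiry_backup b
JOIN key_alias k
  ON k.app_id = b.app_id
 AND k.ref_id = b.ref_id
 AND k.key_expire_dtimes <> b.key_expire_dtimes
WHERE b.app_id = 'KERNEL';

-- COMMIT only if both checks look right; otherwise ROLLBACK.
COMMIT;
```
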

This is not a replacement for a proper key-rotation technique. Rather, it is a temporary solution so as not to disrupt the flow of operations.
