azure-iot-edge

Do we have to restart iotedge to renew the edgeHub server certificate?


We have several customers who would like to keep IoT Edge devices running for several months without restarting operation in their use cases. They have already generated their own production certificates with 3-10 year lifetimes. From the documentation, we learned that there is an auto-generated IoT Edge hub server certificate which always has a 90-day lifetime, but is automatically renewed before expiring. The auto_generated_ca_lifetime_days value doesn't affect this certificate.

Reference link: https://learn.microsoft.com/en-us/azure/iot-edge/how-to-manage-device-certificates?view=iotedge-2018-06#customize-certificate-lifetime

If the IoT Edge hub server certificate is auto-generated and auto-renewed, do we have to regularly restart edgeHub to apply the new certificate? Or will edgeHub automatically reload and apply the new certificate?

If we have to restart it, how do we deal with the use case where IoT Edge cannot be restarted for more than 90 days?


Solution

  • edgeHub server cert is automatically renewed. The container is restarted when renewal happens but no manual user intervention is required.