This topic describes safe upgrade steps for the OpenEdge MCP Server and operational procedures for rotating service account keys, JWKS-backed keys, and TLS or mTLS certificates.

The following objectives guide the upgrade and rotation process:
Objective Description
Minimize downtime Ensure that upgrades do not disrupt service availability.
Preserve deterministic profiles Maintain configuration provenance for consistent deployments.
Enforce cryptographic hygiene Use short-lived tokens and perform periodic key rollover to maintain security.