Update PeerOrg Admin Certificate #kubernetes #fabric-ca-client #hyperledger-fabric #policies


hiteshdutt05@...
 

Hi,

I need to update/renew/rotate certificates for my HLF network (orderer and peer).

So far, using the `peer channel update` command, I have been able to update/renew/rotate:

1. Admin certificate for orderer org
2. MSP certificates for orderer org
3. TLS certificates for orderer org
4. MSP certificates for peer org
5. TLS certificates for peer org

But while attempting to update the Admin certificate for the peer org, I am getting errors. The following are the situations and their corresponding error output:

 

Updating Admin certificate for peer in system channel, attempting to update the highlighted certificate

When using a procedure similar to the one for updating the admin certificate for the orderer, using the ORDERER MSP at the time of update, I am getting an error: condition not satisfied at Consortium/SampleConsortium/Dev5PeerOrg/admin

 

And when attempting the same update while using the PEER MSP, I am getting an error that one of the sub-policies is not satisfied, at least one writer is required.

I am not sure what is needed for such an update.
Please let me know if more information is needed around this.


hiteshdutt05@...
 

I have resolved this issue after making an update to writer and changing the sub_policy to "Admins" instead of writers.

After making the above change, I was able to make the certificate update.

Once the admin certificates were updated, I made the change again to make the sub_policy "Writers".

Not sure if this is the right way, but I am unblocked for now.
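
An added example, not part of the thread above: after a temporary `sub_policy` change like the one described, a check over the decoded channel config can confirm the policy was reverted. It assumes the JSON layout produced by `configtxlator proto_decode --type common.Config`, and that Readers/Writers/Admins ImplicitMeta policies normally reference the sub-policy of the same name (as in Fabric's sample `configtx.yaml`); the sample config, including the level at which Writers was changed, is constructed.

```python
IMPLICIT_META = 3  # policy type value used for ImplicitMeta policies in decoded config JSON
STANDARD = {"Readers", "Writers", "Admins"}  # assumption: these reference their own name


def _meta(rule, sub_policy):
    """Build one ImplicitMeta policy entry (helper for the constructed sample only)."""
    return {"mod_policy": "Admins",
            "policy": {"type": IMPLICIT_META,
                       "value": {"rule": rule, "sub_policy": sub_policy}}}


# Constructed sample shaped like decoded common.Config JSON. Group names are taken
# from the error path in the post; the Writers policy is left in the temporary
# "Admins" state to show what the check reports.
SAMPLE = {"channel_group": {
    "policies": {"Admins": _meta("MAJORITY", "Admins"),
                 "Writers": _meta("ANY", "Admins")},
    "groups": {"Consortiums": {"groups": {"SampleConsortium": {"groups": {
        "Dev5PeerOrg": {"policies": {"Admins": {
            "mod_policy": "Admins",
            "policy": {"type": 1, "value": {}}}}}}}}}},  # signature policy, skipped
}}


def implicit_meta_policies(group, path="Channel"):
    """Yield (path, name, rule, sub_policy) for every ImplicitMeta policy in the tree."""
    for name, entry in sorted(group.get("policies", {}).items()):
        policy = entry.get("policy") or {}
        if policy.get("type") == IMPLICIT_META:
            value = policy.get("value", {})
            yield f"{path}/{name}", name, value.get("rule"), value.get("sub_policy")
    for child, sub in sorted(group.get("groups", {}).items()):
        yield from implicit_meta_policies(sub, f"{path}/{child}")


def mismatched_sub_policies(config):
    """Return (path, sub_policy) for standard policies that point at a different sub-policy."""
    return [(path, sub)
            for path, name, _rule, sub in implicit_meta_policies(config["channel_group"])
            if name in STANDARD and sub != name]


if __name__ == "__main__":
    for path, sub in mismatched_sub_policies(SAMPLE):
        print(f"{path}: sub_policy is {sub!r}, expected the policy's own name")
```

To run it against a real channel, load the decoded config with `json.load` and pass it to `mismatched_sub_policies` in place of `SAMPLE`.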