Consul has been running in your organization for a year now, and the configuration meets all the requirements of the Consul security model (ACLs, Gossip encryption, TLS, etc). Company security policies demand that all static encryption keys be rotated once a year, at a minimum. How can you quickly rotate the gossip encryption key without negatively impacting the Consul service or any of the hundreds of applications registered or using Consul?