Updating SOTI Connect System Certificates

About this task

You can upload and renew your system certificates. Renewing system certificates is a three-step process in SOTI Connect. After you have uploaded a root certificate from a trusted certificate authority, SOTI Connect generates, deploys and activates each component certificate of the system.

Note: When updating the System Certificates in a cluster setup, you must restart all logging service instances to load the latest server certificate.

To renew your system certificates:

Procedure

  1. On the menu bar, click the main menu button and select Administration.
    The Administration view opens.
  2. On the left pane, click Certificate Management.
    The Certificate Management view opens.
  3. On the right pane, click Import New Root Certificate
    The Upload a New Root Certificate dialog box opens.
  4. Click Upload File and select the root certificate file.
    Note: Only upload PFX format files obtained from a trusted certificate authority.
  5. Enter the password, if the uploaded root certificate has one.
  6. Click Upload.
    The dialog box closes, and you can see the uploaded root certificate on the list.
  7. Click the menu button on the left side of the root certificate you would like to activate and select Update.
    The Update Root Certificate dialog box opens.
  8. Select the time frame you want the child certificates to expire in after they are generated.
  9. Select the response to the system certificate failing at any step of the process.
    SOTI highly recommends you select the Stop Update option, to provide you a clear picture of what failed and what the next steps are.
  10. Click Update.
    If an error occurs during the process, a list of successful and failed actions displays, along with three options:
    • Abort: Roll back to the previous set of certificates.
    • Override: Ignore any error and continue with updating certificates for the other SOTI Connect components.
    • Retry: Perform the same action again and check if it was successful
    • Continue Update: Generate, deploy, and activate system certificates while disregarding any error that occurs during the process.
  11. Copy the commands you see on the SOTI Connect user interface for management server, logging service, webhook receiver.
  12. Open the Windows PowerShell application on your local server as an administrator.
  13. Paste the copied commands, one at a time, into the Window PowerShell application. Press Enter to run the commands.
    After each command is run in PowerShell, you should see the output 'SSL Certificate Successfully Added'.
  14. Close the PowerShell window
  15. Click Start Health Check on the SOTI Connect UI.