Updating SOTI Connect System Certificates
About this task
You can upload and renew your system certificates. Renewing system certificates is a three-step process in SOTI Connect. After you have uploaded a root certificate from a trusted certificate authority, SOTI Connect generates, deploys and activates each component certificate of the system.
Note: When updating the System Certificates in a cluster setup, you must restart all logging
service instances to load the latest server certificate.
To renew your system certificates:
Procedure
-
On the menu bar, click the main menu button and select Administration.
The Administration view opens.
-
On the left pane, click Certificate Management.
The Certificate Management view opens.
-
On the right pane, click Import New Root Certificate
The Upload a New Root Certificate dialog box opens.
-
Click Upload File and select the root certificate file.
Note: Only upload PFX format files obtained from a trusted certificate authority.
- Enter the password, if the uploaded root certificate has one.
-
Click Upload.
The dialog box closes, and you can see the uploaded root certificate on the list.
-
Click the menu button on the left side of the root certificate you would like to activate and select Update.
The Update Root Certificate dialog box opens.
- Select the time frame you want the child certificates to expire in after they are generated.
-
Select the response to the system certificate failing at any step of the process.
SOTI highly recommends you select the Stop Update option, to provide you a clear picture of what failed and what the next steps are.
-
Click Update.
If an error occurs during the process, a list of successful and failed actions displays, along with three options:
- Abort: Roll back to the previous set of certificates.
- Override: Ignore any error and continue with updating certificates for the other SOTI Connect components.
- Retry: Perform the same action again and check if it was successful
- Continue Update: Generate, deploy, and activate system certificates while disregarding any error that occurs during the process.
- Copy the commands you see on the SOTI Connect user interface for management server, logging service, webhook receiver.
- Open the Windows PowerShell application on your local server as an administrator.
-
Paste the copied commands, one at a time, into the Window PowerShell application. Press Enter to run the commands.
After each command is run in PowerShell, you should see the output 'SSL Certificate Successfully Added'.
- Close the PowerShell window
- Click Start Health Check on the SOTI Connect UI.