How to Replace the webconsole cert after it has expired

Question

We use a wildcard cert in or organization and it had recently expired. So when I try to get to the webconsole Im getting a “NET::ERR_CERT_DATE_INVALID” . I have the new wildcard cert (*wildcard-cert.pfx file)

Im not proficient in the certs department. So do I just copy this cert to the C:\Program Files\Commvault\ContentStore\Apache\conf\ directory. This is where I see the same cert name which Im assuming is the expired cert.

I looked in the server.xml file and saw the following -

<Certificate certificateKeystoreFile="conf/XXX-XXX-wildcard-cert.pfx" certificateKeystorePassword="XXXXXXXXXX" certificateKeystoreType="PKCS12"/>

Or is there a particular command I need to run to add the new wildcard cert (pfx file) to a keystore etc..?

Please advise..

Thanks

BC

Sean Crifasi · Accepted Answer

Hi @bc1410,I see you mentioned that you have a pfx file, in that case this process is a little quicker than normal.This is the complete overview that would typically be followed:https://documentation.commvault.com/11.24/essential/50492_configuring_secured_access_for_web_applications.htmlHowever, with the pfx file you can jump straight to step 2:https://documentation.commvault.com/11.24/expert/50506_configuring_ssl_certificate_for_tomcat_server.htmlAs a surface level of the steps needed:- Navigate to the Commserve installation\contentstore\apache\conf- Copy the new pfx certificate file here- Stop Tomcat- Make a copy of the server.xml file before any modifications are made- Edit the server.xml file in notepad++ or wordpad or any other text editor- At the bottom of the document update the below parameters (for pfx keystore type is always PKCS12):--certificateKeystoreFile--certificateKeystorePassword--certificateKeystoreType=”PKCS12”

bc1410 · Answer

Thanks you SEAN - appreciate the HELP!

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded