This is a wiki guide for customers who are experiencing Fatal Alert: Certificate_Unknown when restarting DualShield following an upgrade. This will also update the Signature algorithm from SHA1 to SHA256
Warning: The process below will stop and start your DualShield server a couple of times. You should carry out the process in off hours in order to minimize the interruption.
It is highly recommended to take a snapshot of your server before proceeding!
Step 1: Download the following file
Renew DualShield CA Cert v4.zip
Step 2: Extract the zip file and then copy the file ca-renew-1.0-standalone.jar to c:\temp
Step 3: Stop the DualShield Server Service.
Step 4: Open elevated Command Prompt and execute the following commands:
cd C:\Program Files\Deepnet DualShield\jre\bin C:\Program Files\Deepnet DualShield\jre\bin> java -jar c:\temp\ca-renew-1.0-standalone.jar ..\lib\security\cacerts JKS changeit dualultimateca changeit
If successful the result will show 'CA Certificate has been renewed successfully'
Step 5. Start the DualShield Server Service.