To renew the certificate of web consoles, navigate to "SSO | SSO Servers"
Click the context menu of "Single Sign-on Server", then select "Renew Certificate"
To be cautious, you might want to back up your DualShield server or take a snapshot of your DualShield VM.
Click "Renew" to start the renewal process
Click "Edit"
Fill out the certificate application form
Click "Continue"
Copy the entire CSR text, and submit it to your certificate authority (CA) to apply for a SSL certificate.
If you are able to get your SSL certificate from your CA shortly, then click the "Complete Certificate Request" button as soon as you have received your SSL certificate
Upload your SSL certificate file and the CA certificate if provided, then click "Save" to complete the process.
If it is going to take a long time to get your SSL certificate from your CA, then by the time you receive your SSL certificate, your DualShield console session would have expired. In this case, follow the step below to complete the renewal process.
Login to your DualShield admin console
Navigate to "Repository | Certificates | Certificate Signing Requests"
Select the pending Certificate Signing Request, e.g. "dualshield.opensid.net"
Click its context menu, then select "Complete Certificate Request"
Upload your SSL certificate file and the CA certificate if provided, then click "Save" to complete the request.
Now, you need to replace the existing SSL certificate with the new SSL certificate
Select "Replace Certificate" from the context menu
The "Replace Console Certificate" window will pop up:
There are 2 options in this window
- Select File
- Select Server Certificate
If you already have the certificate imported into the "server certificate" repository, then click the "Select Server Certificate" option
Otherwise, click the "Select File" option to import a new certificate: