To renew the certificate of web consoles, navigate to "SSO | SSO Servers"

Click the context menu of "Single Sign-on Server", then select "Renew Certificate"

To be cautious, you might want to back up your DualShield server or take a snapshot of your DualShield VM.

Click "Renew" to start the renewal process

Click "Edit"

Fill out the certificate application form

Click "Continue"

Copy the entire CSR text, and submit it to your certificate authority (CA) to apply for a SSL certificate. 


If your certificate has been automatically renewed by GoDaddy, then you might have to firstly Re-Key your certificate

Once your certificate is ready, you will be able to download it.

Important!: Before downloading please check the creation date or for best results go click on 'My Certificates' on the top left then click on the newly created certificate, check the creation date, and if correct download from there.


Select "Tomcat" as the Server type

Downlolad the certificate zip file, and unzip it to a folder in your hard drive:

The file with the name "gd-bundle-g2-g1.crt" is the certificate of GoDaddy's intermediate CA. You can double click the file to check its content.


If you are able to get your SSL certificate from your CA shortly, then click the "Complete Certificate Request" button as soon as you have received your SSL certificate 

Upload your SSL certificate file and the CA certificate if provided, then click "Save" to complete the process.

If it is going to take a long time to get your SSL certificate from your CA, then by the time you receive your SSL certificate, your DualShield console session would have expired. In this case, follow the step below to complete the renewal process.

Login to your DualShield admin console

Navigate to "Repository | Certificates | Certificate Signing Requests"

Select the pending Certificate Signing Request, e.g. "dualshield.opensid.net"

Click its context menu, then select "Complete Certificate Request"

Upload your SSL certificate file and the CA certificate if provided, then click "Save" to complete the request.

Now, you need to replace the existing SSL certificate with the new SSL certificate

Navigate to "SSO | SSO Servers", click the context menu of "Single Sign-On Server"

Select "Replace Certificate" from the context menu

The "Replace Console Certificate" window will pop up:

There are 2 options in this window

  1. Select File
  2. Select Server Certificate

If you already have the certificate imported into the "server certificate" repository, then click the "Select Server Certificate" option

Select the correct certificate from the Server Certificate list and click "Save"

Otherwise, click the "Select File" option to import a new certificate:

select the certificate to be imported

Then, click the "Save" button











  • No labels