To Renew the DualShield Server Certificate, you will need to download the Deepnet CSR & Certificate Generator. To use the tool, you will need to run it on your DualShield server.
Please ensure the generator is run as administrator (right click on the app and click "run as administrator")
Get Started by clicking the DualShield Tools button and selecting Renew SSO Certificate - Create CSR.
You will then be presented with the CSR Dialog Screen:
The current certificate is then read from the DualShield directory and the fields are automatically populated with the details that are present on the current certificate.
Fill in the missing details if any and change the key size if required.
Once you are ready, Click the Create button to then generate the CSR Text String.
Copy the CSR text by clicking the Copy button, or Save the CSR text as a file by clicking the Save button.
Click the Close button to close the CSR window. The CSR should be listed and pending for completion.
Now, submit the CSR to your Certificate Authority, such as GoDaddy.
If your certificate has been automatically renewed by GoDaddy, then you might have to firstly Re-Key your certificate
Once your certificate is ready, you will be able to download it.
Important!: Before downloading please check the creation date or for best results go click on 'My Certificates' on the top left then click on the newly created certificate, check the creation date, and if correct download from there.
Select "Tomcat" as the Server type
Downlolad the certificate zip file, and unzip it to a folder in your hard drive:
The file with the name "gd-bundle-g2-g1.crt" is the certificate of GoDaddy's intermediate CA. You can double click the file to check its content.
and the other CRT file, e.g. "cda058a1d99dbfc6.crt" is your certificate. Again, you can double click it to check its content.
Back to the Deepnet CSR & Certificate tool (Reminder, must be run as administrator), right-click the pending CSR entry
and select Create PFX from CA Cert and Import into DualShield.
Select the Browse... button to load your CA Signed Certificate as well as the Intermediate CA Certificate:
Once ready, click the Renew DS button.
Finally, you MUST restart the DualShield server so the renewed certificate can take effect.
Troubleshooting
If you get this dialog, then it is very likely that you are not an administrator or UAC is on.
Please try to run this tool by right clicking then choose Run as administrator.
Under the hood, this tool checks the following registry for DualShield existence.
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Apache Software Foundation\Procrun 2.0\DualShield\Parameters\Java
Without UAC, this tool may not be able to read this key so that it shows that dialog.