This is a wiki guide for customers who are experiencing Fatal Alert: Certificate_Unknown when restarting DualShield following an upgrade.  This will also update the Signature algorithm from SHA1 to SHA256

Warning: The process below will stop and start your DualShield server a couple of times. You should carry out the process in off hours in order to minimize the interruption.

It is highly recommended to take a snapshot of your server before proceeding!

Step 1: Download the following file

Renew DualShield CA Cert

Step 2: Extract the zip file and then copy the file ca-renew-1.0-standalone.jar to c:\temp

Step 3: Stop the DualShield Server Service.

Step 4: Open elevated Command Prompt and execute the following commands: 

cd C:\Program Files\Deepnet DualShield\jre\bin

C:\Program Files\Deepnet DualShield\jre\bin> java -jar c:\temp\ca-renew-1.0-standalone.jar ..\lib\security\cacerts JKS changeit dualultimateca changeit

If successful the  result will show 'CA Certificate has been renewed successfully'

Step 5.  Start the DualShield Server Service.