Replace an Expired Console Certificate

Document created by RSA Information Design and Development on Jun 13, 2017Last modified by RSA Information Design and Development on Jun 13, 2017
Version 2Show Document
  • View in full screen mode

If you replace the original console certificate with a certificate issued by a third-party certificate authority (CA), you must make sure that this third-party certificate is replaced before it expires. When the console certificate expires, you cannot start the Authentication Manager services after they are stopped.

If you stop Authentication Manager services on a deployment with an expired certificate, perform the following procedure. and then start the services.

Procedure 

  1. Log on to the appliance with the User ID rsaadmin and the current operating system password:

    • On a hardware appliance, log on to the appliance using an SSH client.

    • On a virtual appliance, log on to the appliance using an SSH client, the VMware vSphere client, the Hyper-V System Center Virtual Machine Manager, or the Hyper-V Manager.

    For instructions, see Log On to the Appliance Operating System with SSH.

  2. Change the directory to utils. Type:

    cd /opt/rsa/am/utils

    and press ENTER.

  3. Run the following command to change the console certificate from the third-party certificate to the original certificate. Type the following, and press ENTER:

    ./rsautil reset-server-cert -u oc_admin_UserID

    -p oc_admin_password

    where:

    • oc_admin_UserID is the user name for an Operations Console administrator

    • oc_admin_password is the Operations Console administrator’s password

After you finish 

Start the Authentication Manager Services. For instructions, see "Manage RSA Authentication Manager Services Manually" in the Administrator's Guide.

 

 

 


Attachments

    Outcomes