Renew external certificate for the Log Server

You must renew the external certificates for the Log server manually before it expires.

Before you begin

  • You must have the external Certificate Authority (CA) configured.
    Note: This is the certificate authority that is used to sign certificate requests.
  • The Log Server must be running before generating the new Certificate Signing Request (CSR).

Steps

  1. Select Dashboard > Servers / Devices Dashboard.
  2. Browser to Log Server.
  3. Generate the certificate request by using one of the following ways:
    • From the context menu of the Log Server.
      1. Right-click the Log Server, then select Certificate > Renew Certificate.
      2. Click the Yes button, and then click the OK button. The certificate request is generated.
    • From the Log Server properties dialog-box:
      Note: Use this option if the existing settings in the Certificate Definition section need to be updated.
      1. Right-click the Log Server, then select Properties.
      2. Click the Certificate tab.
      3. Click the Renew Certificate button.
      4. Configure the settings in the Certificate Definition section.
      5. Click the Generate Certificate Request button, and then click the Yes button.
      6. Click the OK button. The Certificate Request section is displayed.
  4. Export the generated certificate request by using one of the following ways:
    • From the Log Server properties dialog-box:
      1. Right-click the Log Server, then select Properties.
      2. Click the Certificate tab.
      3. In the Certificate Request section, click the Export Certificate Request button.
      4. Navigate to the desired location and click the Export button, and then click the OK button.
    • From the context menu of the Log Server:
      1. Right-click the Log Server, then select Certificate > Export Certificate Request.
      2. Navigate to the desired location and click the Export button, and then click the OK button.
  5. Sign the exported certificate request by using the external Certificate Authority (CA).
  6. Import the signed certificate by using one of the following ways:
    • From the Log Servers properties dialog-box:
      1. Right-click the Log Server, then select Properties.
      2. Click the Certificate tab.
      3. In the Certificate Request section, click the Import Signed Certificate button.
      4. Select one of the following options:
        • The From File option:
          1. Select the From File radio button, and then click the Browse button.
          2. Navigate the location where the signed certificate is saved.
          3. Select the signed certificate file, and then click the Import button.
          4. Click the OK button.
        • The As Text option:
          1. Select the As Text radio button.
          2. Paste the certificate details.
          3. Click the OK button.
    • From the context menu of the Log Server:
      1. Right-click the Log, then select Certificate > Import Certificate.
      2. Select one of the following options:
        • The From File option:
          1. Select the From File radio button, and then click the Browse button.
          2. Navigate to the location where the signed certificate is saved.
          3. Select the signed certificate file, and then click the Import button.
          4. Click the OK button.
        • The As Text option:
          1. Select the As Text radio button.
          2. Paste the certificate details.
          3. Click the OK button.
  7. Stop the Log Server.
  8. Execute the following script: 
    sgCertifyLogSrv
  9. Restart the Log Server.
  10. Verify the expiration date of the renewed certificate. For more details, refer to the Check the expiration date of the certificate topic.