Hi All,
Looking to see if anyone else has seen about SSL cert validity trending to a shorter length. We currently are on Apps10 and use IEE in the main, with a few REST endpoints.
Does anyone have a strategy to reduce the burden on maintenance windows and automate any of this?
Hi Matthew,
There are issues to tackle:
For (1), if you receive the PFX from a CA then you need to consider a way to automate retrieve and copying to the middleware server. Another option is to configure certbot and generate from Lets Encrypt.
Once (1) is settled, then for (2) the certificate update can be done in a single command:
<ifshome>\instance\<instance>\bin\update_http_certificates.cmd ACTION=update_certs CERTTYPE=ohs_cert SELFSIGNED=false ADMINPASSWORD=<MWS password> OHSCERT=<pfx path> OHSCERTPASSWORD=<cert password>
You could create a batch file and execute it manually when needed or even create a Windows scheduled task. If on Linux a cron job would work just as well.
Please be sure to test this carefully before implementing on a production environment.
Best regards -- Ben
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
