How to Change the SSL Certificate used by Neverfail Continuity Engine Management Service

How to Change the SSL Certificate used by Neverfail Continuity Engine Management Service

Summary

This Knowledgebase article provides the procedure to change the SSL Certificate on Neverfail Continuity Engine Management Service.

 

More Information

To change the current SSL Certificate in Neverfail Continuity Engine Management Service (EMS), perform the following steps:

Note: Within the following procedure, all instances of <password> represent the default password used by EMS web-server. If you intend to use other than the default password (in other words to change the default password), you must also edit the Server.xml file located at %Program Files\Neverfail\tomcat\apache-tomcat-<version>\conf to reflect the non-default password used (this is stored in keystorePass)
Additionally, all file paths are assumed to be the default installation file paths.

 

Procedure  

  1. Navigate to Start > Run and open the Registry Editor.
  2. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Prefs\nfmgtwebsvcs\management\nfmgtwebsvc.
  3. Change the value of use_hbws_keystore from TRUE to FALSE and save changes. 
  4. From Service Control Manager, restart Neverfail Management Web Services.
  5. Create a new KeyStore in a temporary location and enter the certificate details:

    cd "C:\Program Files\Neverfail\R2\jre\bin"
    keytool -genkey -alias nfhb_private_certificate -keyalg RSA -keysize 2048 -keystore NFKeyStore.jks -storepass <password>

  6. Create a Certificate Signing Request (CSR) as shown below:

    If using MD5:

    keytool -certreq -alias nfhb_private_certificate -sigalg MD5withRSA -file NFKeyStore.csr -keystore NFKeyStore.jks -keypass <password> -storepass <password>

    If using SHA1:

    keytool -certreq -alias nfhb_private_certificate -sigalg SHA1withRSA –file NFKeyStore.csr -keystore NFKeyStore.jks -keypass <password> -storepass <password>

  7. Submit the CSR to the Certification Authority (CA).
  8. Save the received certificate as certnew.p7b.
  9. Import the received certificate to the JAVA KeyStore:

    keytool -import -alias nfhb_private_certificate -keystore NFKeyStore.jks -trustcacerts -storepass <password> -file certnew.p7b

  10. Verify the imported data from the Java Keystore:

    keytool -list -v -keystore NFKeyStore.jks -storepass <password>

  11. Stop the Tomcat instance used by the Neverfail Management Web Services (nfmgtwebsvc) using the following command:

    net stop nfmgtwebsvc

  12. Create a backup of the currently used KeyStore:

    cd "C:\Program Files\Neverfail\tomcat\ssl"
    ren NFKeyStore.jks NFKeyStore.jks.bak

  13. Copy the keystore from the temporary location:

    xcopy "C:\Program Files\Neverfail\R2\jre\bin\NFKeyStore.jks" "C:\Program Files\Neverfail\tomcat\ssl"

  14. Start the Tomcat instance used by the Neverfail Management Web Services (nfmgtwebsvc) using the following command:

    net start nfmgtwebsvc

 

Applies To

All versions

 

Related Information

None

 

KBID-2794 

    • Related Articles

    • Continuity Engine Product Architecture

      Learning objectives At the completion of this session, you should be able to: Identify major components of the Neverfail Continuity Engine product architecture. Describe major component configuration. Identify advantages of the Neverfail Continuity ...
    • How to enable DEBUG level logging on Neverfail Continuity Engine Management Service

      Summary  This Knowledgebase article provides information about how to enable DEBUG level logging on Neverfail Continuity Engine Management Service. Procedure To enable DEBUG level logging on Neverfail Continuity Engine Management Service: On the ...
    • Check Continuity Engine Server Status

      This article describes how to check server status by reviewing several indicators, including the system tray icon, the Server Details page and Applications page in EMS, and Windows services. Check Server Status Learning objectives At the end of the ...
    • Neverfail Continuity Engine v8.5 - Release Notes

      Summary This Knowledge base article provides information about the 8.5 release of Neverfail Continuity Engine and all subsequent updates to this release. Neverfail Continuity Engine v8.5 Update 7 The following information applies to ...
    • Continuity Engine Troubleshooting - Invalid License

      This adticle introduces you to license related problems that you may encounter durig routine operations. Invalid License Learning objectives  At the completion of this session you should be able to: identify the symptoms of an invalid Neverfail ...