locked
Lightweight Gateway Certificate Renewal RRS feed

  • Question

  • Hi All,

    Our current certificates are expiring at the end of the month for all our lightweight gateway servers. I have recently followed Microsoft's documentation to renew the certificate on the ATA center server which has been successful and I can see in the JSON files on the gateways that the thumbprint has updated accordingly.

    I am however unsure of the method to update the similar certificate on the lightweight gateways, on the ATA center server I simply used PowerShell to create a new certificate based off the properties of the existing certificate and then synced the changes in the center to the gateways.

    What's the best process for updating the certificates on the gateways? I am not using version 1.8 where this is automatically managed by the system so I need to do this manually.

    Hope you can help!

    Thanks

    Thursday, March 7, 2019 9:18 AM

Answers

  • The best practice in this case is for you to upgrade to 1.8.1 and then to 1.9.1 ASAP,

    then let the system handle everything automatically.

    It's really the smart thing to do here, you are using an extremely outdated version...

    I am not sure that even the online docs still show the exact procedure that needed to be done in 1.7.


    Thursday, March 7, 2019 1:28 PM

All replies

  • Not sure what you meant by "renew".

    ATA does not support renewal of certs, you need to create a new cert with the needed properties mentioned in the docs, then select it from the UI as the replacement cert, and once all GWs are synced, press the bkue "Activate" button to finalize it.

    once you did this, all is good. the GWs will auto manage their on cert replacement, you don't need to do anything else since 1.8  +

    Thursday, March 7, 2019 11:16 AM
  • Hi Eli,

    We are not using v1.8 + that's my issue here. So far I have created the new cert on the ATA center, synced all the gateways and then hit activate. All the gateways are now syncing with ATA center on the new certificate. The problem I have is the actual lightweight gateways certificate's are still set to expire at the end of the month.

    What should I do to update these? I am using version 1.7.5757.

    Thanks

    Thursday, March 7, 2019 1:15 PM
  • The best practice in this case is for you to upgrade to 1.8.1 and then to 1.9.1 ASAP,

    then let the system handle everything automatically.

    It's really the smart thing to do here, you are using an extremely outdated version...

    I am not sure that even the online docs still show the exact procedure that needed to be done in 1.7.


    Thursday, March 7, 2019 1:28 PM