SSL certificate about to expire. need to apply the new one.
Data Quality user documentation | Security (experianaperture.io)
This documentation for applying SSL cert if quite confusing as I do not see the menu.
Go to Configuration > All server settings
do I need the pfx file, or I can just apply cert file to update SSL.
pls let me know.
your response would be appreciated.
I remember using the pfx file last time in march for dev environment.
Hey! You will be signed out in 60 seconds due to inactivity. Click here to continue using the site.
There are many different standards for SSL key container formats, and how you configure Data Studio's server certificate is going to depend on the format you have. Ultimately, Data Studio will need to add the private key and corresponding site certificate to its keystore.
A pfx file (or .pkcs12 or .p12) is a password-protected container format that bundles a certificate (possibly with its various CA certificates) and the corresponding private key. If you have a pfx file, Data Studio's Key file and Certificate file will be configured to the same path (the .pfx file).
In production it may be more likely that you have a separate private key and certificate. The private key (which is often a .key or .pem file) is generated, and used to create a certificate signing request (CSR). The CSR would go to a certification authority (CA), either public or private, who would return a signed certificate. The certificate (often a .pem, .cert, .cer or .crt) is a container for the public key with a signature computed by the (CA). In this case, configure Data Studio to include paths to the the private key and cert files separately.
When a certificate expires, you may generate a new CSR using the existing private key, or you may choose to generate a new private key for the new cert. Which option you take will determine whether you can just update the cert file in Data Studio. Alternatively you may choose to create your own new pfx including the new cert and the associated public key.
@Henry Simms , thanks for response,
can passphrase be empty if I am just using the .crt file?
what i would want to do is, create a csr using digicert util.
store a .crt file in certain location. import it using digicert util . and then mention the path for that crt file here
settings - communication- server certificate - certificate file.
and how do I test those changes? as in documentation above it says, apply, don t se the apply button here.
i am unable to paste the screen due to permissions i guess. from page adsURL /settings/communication-settings
ok, I have the pfx and crt file and the passphrase with me now.
now I am not sure about the settings to be applied on
settings - communication- server certificate -
and all the 3 entries there,
passphrase, (passphrase set for pfx file while creating pfx file)
key file (local path of crt file) (could that be left empty, if I am using pfx file in certficate file path?)
certificate file (local path of pfx file)
after that i do not see the apply button,
i see the save changes button only,
how these changes are successful, how would I know that?
again i have done that in dev in march, but I am forgetting something what ensured it to be successful.
@Henry Simms @Josh , please any help would be appreciated.
secondly i m unable to paste screens here due to permission issues, else I would elaborate it more here, what I am doing.
but hope you guys get the idea,
If you have a .pfx with both the private key and the cert in the bundle, you'll use the path to that file as the setting for both the Key file and Certificate file:
You'll then click Save at the bottom of the page. If the file is valid (contains the right things) and the passphrase is correct, you should see the certificate info (expiry, issuer, domain) added to the non-editable fields just about the passphrase settings:
For Data Studio to correctly pick up the new cert, you may need to restart the Data Studio service
If you get an error when you hit Save, you'll know that there's something wrong with the pfx bundle. For example, in the case where I use the incorrect passphrase:
You will also see an error in the datastudio.log reporting the problem.
We'll update your permissions so you can post screenshots
thanks a lot. it really helps. @Henry Simms . I have successfully applied the new cert.
thanks once again for help.
"We'll update your permissions so you can post screenshots"
this will help a lot in future cases and questions. thanks. @Henry Simms