Replacing your existing SSL certificates
Use the instructions in this topic to replace your existing SSL certificates. For example, if your existing certificate has expired or you want to replace your existing certificate with a new one.
Replacing the SSL certificate in the RPM Classic UI
Do the following:
- Stop the RPM service.
- Generate the certificate keystore if it is not generated already. For instructions, see Enabling-HTTPS-SSL-on-existing-instance.
- Copy the keystore file generated in step 2 to the RLMhome/server/jboss/standalone/configuration directory.
In the RLMhome/server/jboss/standalone/configuration directory, open the file corresponding to your environment, in a text editor:
Configuration
Deployment
File
HTTP
Non-high-availability
standalone-full.xml
High-availability
standalone-full-ha.xml
HTTPS
Non-high-availability
standalone-full-https.xml
High-availability
standalone-full-ha-https.xml
- Change the keystore password, filename, and alias name, as follows:
Locate the rpmKeyStore keyword as shown below:
<key-store name="rpmKeyStore" alias-filter="brpm_ssl">
<credential-reference clear-text="password"/>
<implementation type="JKS"/>
<file path="test.keystore" relative-to="jboss.server.config.dir"/>
</key-store>- To change the keystore password, change password in <credential-reference clear-text="password"/>.
- To change the keystore file name, change path in <file path="test.keystore" relative-to="jboss.server.config.dir"/>.
- To change the SSL alias name, change alias-filter in <key-store name="rpmKeyStore" alias-filter="brpm_ssl">.
- Change the rpmKeyManager password, as follows:
Locate the rpmKeyManager keyword, as shown below:
<key-manager name="rpmKeyManager" key-store="rpmKeyStore">
<credential-reference clear-text="password"/>
</key-manager>- Change the password in <credential-reference clear-text="password"/>.
- Save the file.
- Start the RPM service.
Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*