1 Rookie
•
32 Posts
0
41
Installing new certificate failed
Hi,
I'm using SCG-PM-5.22.00.18-podman. The SCG was running fine with a CA signed certificate. Now the certificate has been renewed. I uploaded it via the web gui, the gui accepted certificate and key. But after after a restart of the application I'm not able to connect to the web gui on port 5700. My browser always warns me, that the connection is not secure. Port 9443 is still using the old certificate.
Is there any possibility to install the certificate via cli? Or what else can I do?
Regards,
Dirk
dirkuos
1 Rookie
1 Rookie
•
32 Posts
0
May 15th, 2024 07:09
Dirk
(edited)
shuff12
1 Rookie
1 Rookie
•
5 Posts
0
May 13th, 2024 16:08
you can first ensure that the certificate and key are correctly installed and recognized. This involves verifying that the certificate chain is complete and correctly installed on the server, which includes the SSL certificate, intermediate certificates, and root certificate. Make sure all certificates in the chain are valid and installed correctly. If the web GUI on port 5700 is not accepting the new certificate after a restart, it could be due to an incomplete certificate chain or the server still holding onto the old certificate in its cache. Restarting the server might help in recognizing the new certificate chain. For port 9443, which is still using the old certificate, you will need to replace the old certificate with the new one. This can be done by importing the new certificate and setting it as the default, then deleting the old certificate from the server -- restarting server might be needed
dirkuos
1 Rookie
1 Rookie
•
32 Posts
0
May 14th, 2024 05:29
Hi, thanks for the reply.
The new certificate has been accepted by the web gui. But after restart of the SCG my web browser always receives an ERR_SSL_PROTOCOL_ERROR. So I cannot connect to the web gui any more. My idea is to open a bash in the saede-app container and delete the new certificate, or re-install it manually. But I don't know how to do that.