Signiant Support

Managers certificate appears valid in the GUI yet manager still reporting certificate errors Print


Problem:

A day or so after the manager's agent certificate renews, the administrator starts receiving "certificate revoked" errors when trying to administer the managers agent.
 

Resolution:

A certificate report shows that the managers agent certificate was renewed but doing a "dds_cert extract" and viewing the certificate shows that it still has the previous (now revoked) certificate. To correct the issue:

  1. Run a certificate report or check the Administration -> Trusts -> Local Certificates page and note the serial number of the managers valid certificate (0x06 for this example)
  2. cd to <install dir>/security/ddsCA/certs
  3. locate the .pem file that matches the serial number of the valid certificate (06.pem)
  4. copy this pem file to /tmp
  5. Stop the Signiant process control service using /etc/init.d/siginit stop sigagent or using the Services Control Panel
  6. run dds_cert update -newcert /tmp/06.pem
  7. Start the Signiant process control service using /etc/init.d/siginit start sigagent or using the Services Control Panel