Scribd
Upload
21 views13 pages

Certificate Change

Uploaded by

jijo morijo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
21 views13 pages

Certificate Change

Uploaded by

jijo morijo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 13

Steps for adding certificate to orchestrator IIS

Part 1 - Creating the certificate request

1. Open the IIS (Internet Information Services) Manager

2. Click on the server name on the left hand side and then double-click on Server Certificates
3. On the right-hand-side of the server certificates section, click on Create Certificate Request

4. The Request Certificate wizard is displayed.


The Common Name is the website URL that you are going to make SSL. And fill the rest of the
information as per your organization information
5. Change the Bit length to 2048 or higher.
6. Next Choose a place to put the certificate request (just a plain text file).
Part 2 - Submitting and creating the SSL certificate

1. Access the address for Web Enrollment of digital certification in the URL https:// <FQDN of the
CA Server> / CertSrv and click Request Certificate.

2. Click advanced certificate request.

3. Open the request file in Notepad, select and copy the entire content.
4. Paste the contents of the file request that you created by the end of Part 1 in the Saved
Request text box. Select the Certificate Template: "Web Server"and click Submit.

5. The certificate will be generated. Click Download Certificate and save the certificate in a folder.
6. Check if the settings of the certificate are correct. In addition check if the option of private key is
present in the certificate.

Part 3 - Installing Certificate on Orchestrator IIS Server


Perform the following on the same StoreFront server you created the certificate.

1. Double click on Server Certificates.

2. Click Complete Certificate Request....


3. Select Certificate file to import and enter any friendly name that helps you to track the
certificate. Select Personal as store location in IIS 8 and later.

The certificate is now imported.


4. Select the Sites\Default Web Site node, and click Bindings....

5. Click Add.
Note: Do not remove the http binding especially when the same server is DDC as well.
6. Select https as type, select the SSL certificate from drop-down list and click OK.
Part 4 – Changing the thumbprint of the new certificate on uipath orchestrator

1. Find the thumbprint by viewing the certificate details

2. Go to the Platform Configuration Tool folder, under the Orchestrator installation


folder ( usually C:\Program Files (x86)\UiPath\Orchestrator\Tools\
PlatformConfiguration)
3. In the folder Platform -> Click on file (1) -> Click on Windows PowerShell (2)->
Open Windows PowerShell as administrator (3),

4. In a Notepad paste the script and replace inside the 2 values inside the quotes of
a1b2c3d4 and z6y5x4v3 with the Thumbprint of the certificate.
.\Platform.Configuration.Tool.ps1 `
-UpdateUiPathCertificate `
-SiteName "UiPath Orchestrator" `
-NewSSLThumbprint "a1b2c3d4" `
-NewTokenSigningThumbprint "z6y5x4v3"
Copy the script and paste it on the Command line and run it. This will automatically
replace the thumbprint for the Orchestrator and identity server and also reset the
server
5. Open the browser and check if the Orchestrator is accessible
6. Manual Certificate Change: Update the certificate thumbprint under AppSettings,
by replacing the Certificate_thumbprint with the new value in the C:\Program Files
(x86)\UiPath\Orchestrator\Identity\appsettings.Production.json .

"AppSettings": {

(.....)

"StoreLocation": {
"Name": "{Certificate_thumbprint},",

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy