Updating Latest Certificate for Business Apps

One of the certificates that are stored in Adeptia Truststore (cacerts) is used to authenticate the third-party business applications. This certificate needs to be updated before the existing certificate expires i.e.3rd Oct 2021 as there will be no handshake with the business applications in the absence of an updated certificate. This post guides you on how to place the new certificate in the Truststore.

The existing certificate will expire on 3rd October 2021. This certificate is present in both the Connect Portal and Connect Server's Truststore (cacerts). The latest certificate is attached "adeptia_com.crt" to this forum post.

Follow the steps below to update the certificates into the Truststore of both Connect Portal and Connect Server for all the nodes.

Adding new certificate:

• Download “adeptia_com.crt” file. This file is attached to this forum post and contains the new certificate. 
• Open the command prompt.
• Goto ".…<AdeptiaConnect-3.x>\ConnectServer\jre\bin".

Import the certificates into the Connect Portal and the Connect Server as well.

Connect Portal Location: "..\..\..\..\ConnectPortal\truststore\cacerts"

Connect Server Location: "..\..\AdeptiaConnect-3.x\ConnectServer\AdeptiaServer\ServerKernel\etc\truststore\cacerts"

• Run the following Keytool command to import certificates into the Truststore. Make sure that the alias name is not "server". 

• Run the command below to import the cert into the Truststore. Make sure that the alias name is not "server". 

keytool -import -file "<<path_to_Certificate_file>>" -alias certname -keystore "..\..\AdeptiaServer\ServerKernel\etc\truststore\cacerts"

Below is an example of the same command:

keytool -import -file "E:\certificates\adeptia_com.crt" -alias server1 -keystore "..\..\AdeptiaServer\ServerKernel\etc\truststore\cacerts"

• Type the Keystore password. The default password for Truststore is changeit.
• Click Yes to trust this certificate.

A confirmation message displays "Certificate was added to Keystore" once the new certificate is added.

Removing the existing Expired certificate only after Expiration:

As a best practice, we recommend removing the expired certificates from the Truststore of both Connect Portal and Connect Server.

Follow the steps below to remove the Expired certificate from the Truststore after 3rd October 2021.

• Open Command Prompt.
• Go to …<AdeptiaConnect-3.2>\ConnectServer\jre\bin.
• Run the following Keytool command to remove the certificate from the Truststore:

keytool -delete -alias server -keystore "..\..\AdeptiaServer\ServerKernel\etc\truststore\cacerts"

• Type the Keystore password. The default password for Truststore is changeit.
• This will remove the existing certificate.

Note: The existing (adeptia.com) certificate present in the cacerts has the alias name "server". Do not use this alias name to add the adeptia.com certificate in cacerts as it will override the existing certificate.