Prerequisites:-
- Get a new certificate from your CA.
- We expect the certificate in pfx/pkcs12 format. If pfx/pkcs12 format cannot be created, please provide a certificate with private key and the pfx file can be generated.
Perform these steps to renew or update the certificate for BIOVIA Foundation.
Scenario :1 :- Foundation Hub is down because the certificate has already expired.
- Stop Foundation Hub Service.
- Create the keystore file for the new certificate through command line interface.
Example commands:-
Keytool location .
Example location: - E:\\Program Files\\BIOVIA\\Foundation\\hub\\jre\\windows\\bin
Example Command :-
keytool -importkeystore -srckeystore E:\\CERTS\\XYZ.PFX -srcstoretype PKCS12 -srcstorepass elnpass -destkeystore "E:\\CERTS\\ELNhubkeystore.jks" -deststoretype JKS -deststorepass elnpass
Note: - Due to a known issue in foundation hub, we require the password for pfx and keystore file should match. So please keep the password same in the above command.
(c) Navigate to the folder where Foundation is installed, such as, "
- In this sub-folder, make a copy of the file, “tomcat.properties”. Open the original file in Notepad for editing.
- If necessary, update the path for the new keystore file location. Please note about the extra back slash ( \\ ) before each special characters in that line and do not remove them. Just update the path as per your keystore location.
- Replace the encrypted password string with the actual password in plain text.
- Save and close the file.
(d) Start the BIOVIA Hub service.
(e) Login to the Foundation web page as “scitegicadmin” (or any other Foundation Administrator user account).
(f) In the Foundation web page, navigate to “Admin and Settings > Settings > Hub Configuration” and click Edit.
(g) Enter the password in the keystore password field and click Save.
(h) Saving the configuration will prompt a restart the server message. This action (SAVE AND RESTART) will encrypt the password in the file, “tomcat.properties”. A simple restart of the server via Hub configuration does not encrypt the password in this file.
After the restart, the Foundation web page will be displayed again. Log out and log in to Foundation as “scitegicadmin”. There should not be any certificate errors. Click the lock icon in the URL, and select the option to view the certificate. It should show the latest, new certificate.
Scenario :2 :- Foundation Hub is accessible and certificate will be expired soon.
- Create the keystore file for the new certificate through command line interface.
Example commands:-
Keytool location .
Example location: - E:\\Program Files\\BIOVIA\\Foundation\\hub\\jre\\windows\\bin
Example Command :-
keytool -importkeystore -srckeystore E:\\CERTS\\XYZ.PFX -srcstoretype PKCS12 -srcstorepass elnpass -destkeystore "E:\\CERTS\\ELNhubkeystore.jks" -deststoretype JKS -deststorepass elnpass
Note :- Due to a known issue in foundation hub , we require the password for pfx and keystore file should match. So please keep the password same in the above command.
(b) Login to the Foundation web page as “scitegicadmin” (or any other Foundation Administrator user account).
(c) In the Foundation web page, navigate to “Admin and Settings > Settings > Hub Configuration” and click Edit.
(d) Enter the password in the keystore password field and click Save.
(h) Saving the configuration will prompt a restart the server message. This action (SAVE AND RESTART) will encrypt the password in the file, “tomcat.properties”. A simple restart of the server via Hub configuration does not encrypt the password in this file.
After the restart, the Foundation web page will be displayed again. Log out and log in to Foundation as “scitegicadmin”. There should not be any certificate errors. Click the lock icon in the URL, and select the option to view the certificate. It should show the latest, new certificate.
