Replace the SSL Certificate of Enterprise Edition Web Client

Before you begin

Install Plant Applications Enterprise Web Client.

About this task

When you install Plant Applications using Docker, a self-signed certificate for the Enterprise Edition Web Client applications is created so that you can access Enterprise Edition Web Client using HTTPS. For better security, we recommend that you replace this self-signed certificate with one issued by a trusted CA authority.
Note: Only .pem (with certificate and private key included) files are supported.

Procedure

  1. You must define your configuration in the silentinstaller.yml file. Update the following parameters in the silentinstaller.yml file:
    Parameter Description
    SSL_CERT_PEM_PATH: "" Enter the path to the SSL certificate.

    For example, SSL_CERT_PEM_PATH: " /home/administrator/myca_certs/new_cert.pem"
    SSL_KEY_PEM_PATH: "" Enter the path to the SSL key.

    For example, SSL_KEY_PEM_PATH: "/home/administrator/myca_certs/new_key.pem"
  2. Access the utility.sh file in the plantapps-enterprise-webclient-<buildno> folder.
  3. Provide execution permissions to the utility.sh file by running the following command: sudo chmod +x <path to the installer>/plantapps-enterprise-webclient-<buildno>/utility.sh
  4. Remove the PApaMymachinesservice stack by running the following command: sudo docker stack rm PApaMymachinesservice.
  5. Run the utility.sh file by running one of the following commands:
    • If you want to run this utility directly on the Enterprise Edition Web Client node: <path to the installer>/plantapps-enterprise-webclient-<buildno>/sudo ./utility.sh -l -ssl reset
    • If you want to run this utility remotely on the Enterprise Edition Web Client node: <path to the installer>/plantapps-enterprise-webclient-<buildno>/sudo ./utility.sh -r -ssl reset
    The existing SSL certificate and key are replaced with the certificate and key that you have provided.