Follow

How to: Replace the Venafi VOC with immediate effect

Applies to:

Venafi Trust Protection Platform 14 and above

Subject:

On some occasions, the Venafi Operational certificate needs to be replaced before the renewal window.

If the Venafi Operational Certificate is still valid, replacing the certificate within the WebAdmin interface will no be sufficient.

This knowledge base article will describe how to replace the Venafi Operational Certificate

 

Instructions:

NOTE: Before proceeding, the below is required

  • Logged on user must have local administrative permissions
  • Access to the new certificate and associated private key if using an existing certificate
  • Make sure the certificate currently being used is only used by the Venafi site

 

  1. In WebAdmin, go to the policy tree and locate the certificate object used as the Venafi Operational Certificate (See this KB on how to identify the Venafi Operational Certificate)
  2. Make a note of the Serial Number
    Screen_Shot_2015-02-27_at_08.18.31.png

  3. Import the certificate to be used or renew the certificate
    NOTE: If you are renewing the certificate, make sure renewal is completed before proceeding further
  4. On the Trust Protection Platform server, open the local machine CAPI store (More info can be found here)
  5. Go to the Personal folder and select Certificates

    Screen_Shot_2015-02-27_at_08.28.08.png
  6. Locate the certificate currently being used by checking against the serial number

    Screen_Shot_2015-02-27_at_08.28.45.png
  7. Create a backup of the certificate by exporting the certificate along with its private key
  8. Delete the certificate from the CAPI store
  9. Restart all Venafi Services as well as the IIS service (World Wide Web Publishing Service)
  10. Close and reopen your Internet Browser
  11. Go to the WebAdmin portal. The new certificate will be installed; the first time you access WedAdmin following the certificate change, but not in use yet
  12. Close and reopen your Internet browser
  13. Go to the WebAdmin portal
  14. The new certificate is now being used

Related Articles

How to Identify which certificate is used as teh Venafi Operational Certificate

How to Open the Local Machine CAPI Store

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk