Certificate X.509 about to expire-how to change it

yonathanperez · ‎04-20-2016

One of our DER-Trust Store Certificates is about to expire. We have gotten a new certificate but I would like to know how to modify the current settings to add the new certificate without any downtime. I am new on this so I would appreciate if any steps can be provided to perform this action.

sergiu_panaite · ‎04-20-2016

Hi Yonathan,

Have a look here:

Uploading a Certificate - ServiceNow Wiki

Regards,

Pedro Silva4 · ‎04-21-2016

Hi Yonathan,

You can export your certificates from your browser.

in this case for IE when logged in to your ServiceNow instance follow these steps:

To export your certificate:

1 - Click the keylock next to the URL bar.

2 - View Certificates

3 - Select the certificate - View Certificate

4 -Copy your certificate to file

5 - Follow the next steps choose your .CER files

6 - And save it to your PC

Next step is to import Certificates to you Instance / Mid Server

IF you use this Keytool application

There is a thing called Keystore where it stores all your certificates.

You can list all the certificates by:

C:\ServiceNow\MID DevServer\agent\jre\bin> keytool -list -keystore cacerts --> this is the path to where your mid server is isntalled, can be different

For your Mid Server

Go to your keytool directory:

(should be something like: C:\ServiceNow\MID DevServer\agent\jre\bin ... somewhere here you should find your Keytool.exe )

Copy the Certificate you downloaded to you Mid Server

Add the Certificate to your Keystore:

keytool -import -trustcacerts -keystore "PATH_TO_YOUR_MID_SERVER_INSTALATION\agent\jre\lib\security\cacerts" -storepass "THIS IS A PASSWORD" -noprompt -alias "JUST A NAME" -file "PATH_TO_NEW_Certific"

Hope it helps

Pedro