Collect information about root certificates stored outside your server. Create a
specialized Discovery schedule.
Avant de commencer
Role required: pki_admin or admin
Pourquoi et quand exécuter cette tâche
Configure your MID Server to renew certificates automatically by setting the configuration parameters in your MID Server.
For information about version compatibility and troubleshooting, see the Renewal of TLS certificates using AI Agents for
Discovery knowledge article [KB2470998] in the Now Support Knowledge Base.
The Certificate Inventory and Management on Yokohama Patch 8 or later supports the certificate renewal agent.
Procédure
-
Navigate to .
-
Select the MID Server that you want to configure.
-
Select the Configuration Parameters tab.
-
Add a new parameter by selecting New.
-
Select the Parameter name field.
-
Select ext.vault.hashicorp.address
-
In the Value field, enter your external Hashicorp vault
address.
The default value is http://127.0.0.1:8200.
-
Select Submit
-
Add a new parameter.
-
Select New.
-
Select the Parameter name field.
-
Select ext.vault.hashicorp.path
-
In the Value field, enter your file path in the
Hashicorp vault.
-
Select Submit.
-
Navigate to the location of your host name of the MID Server
-
Navigate to the IP address in the IP address field of
your MID Server record.
-
Navigate to the MID Server installed folder where you
installed your MID Server.
-
Select the agent/config.xml file.
-
Add the parameter ext.vault.hashicorp.token in your
cofig.xml file.
-
Insert the following code:
<parameter
name="ext.valut.hashicorp.token" secure="true" value="<YOUR TOKEN
VALUE>"/>
-
Restart your MID Server.
Que faire ensuite
To complete the process of configuring yourself for automatic certificate renewal,
you must complete the required steps to Add the required applications and capabilities to your MID Server and Configure System Properties for automatic certificate renewal.