Collect information about root certificates stored outside your server. Create a specialized Discovery schedule.
Before you begin
Role required: pki_admin or admin
About this task
Configure your MID Server to renew certificates automatically by setting the configuration parameters in your MID Server.
For information about version compatibility and troubleshooting, see the Renewal of TLS certificates using AI Agents for Discovery knowledge article [KB2470998] in the Now Support Knowledge Base. The Certificate Inventory and Management on Yokohama Patch 8 or later supports the certificate renewal agent.
Procedure
-
Navigate to .
-
Select the MID Server that you want to configure.
-
Select the Configuration Parameters tab.
-
Add a new parameter by selecting New.
-
Select the Parameter name field.
-
Select ext.vault.hashicorp.address.
-
In the Value field, enter your external
HashiCorp vault address.
The default value is http://127.0.0.1:8200.
-
Select Submit.
-
Add the HashiCorp vault path parameter.
-
Select New.
-
Select the Parameter name field.
-
Select ext.vault.hashicorp.path.
-
In the Value field, enter your file path in the
HashiCorp vault.
-
Select Submit.
-
Add the HashiCorp vault token to your MID Server configuration file.
-
Navigate to the IP address in the IP address field of your MID Server record.
-
Navigate to the MID Server installed folder where you installed your MID Server.
-
Select the agent/config.xml file.
-
Add the parameter ext.vault.hashicorp.token in your config.xml file.
-
Insert the following code:
<parameter name="ext.vault.hashicorp.token" secure="true" value="<YOUR TOKEN VALUE>"/>
-
Restart your MID Server.
What to do next
To complete the process of configuring yourself for automatic certificate renewal, you must complete the required steps to Add the required applications and capabilities to your MID Server and Configure System Properties for automatic certificate renewal.