Page tree
Skip to end of metadata
Go to start of metadata

 How to change the existing SSO metadata certificate to have a bigger private key?

Step-by-step guide

You can use ubikt application to create new key, generate certificate request and after getting signed certificate, import that to unix/win32.config

  1. Generate new key
    java -jar ubikt.jar -ubilogin win32.config -generate -keysize 2048
  2. Create certificate request
    java -jar ubikt.jar -ubilogin win32.config -request -subject "CN=idp.example.com,O=Example Org,C=ex"
  3. Send CSR to CA for signing
  4. Certificate import 
    java -jar ubikt.jar -ubilogin win32.config -import newcertificate.cer
  5. Run setup 
    ubilogin\setup.cmd
  6. Update secrets 
    import.cmd secrets.ldif
  7. Re-deploy applications to tomcat 
    tomcat\update.cmd