Issue or Problem:
How to replace an expired SSL Certificate for a Volicon Web Server
The current web server's SSL certificate has or is about to expire, or otherwise needs to be replaced.
Snapstream does not provide, update, nor renew SSL certificates for Volicon systems.
It will be necessary to contact a third party Certificate Signing Authority. All SSL Certificates must be signed by a Certificate Authority, the certificates cannot be self-signed since Browsers do not support self-signed certificates. If there are any questions regarding SSL certificate requirements, it is advised to reach out to your IT security team for details or requirements for your organization.
The certificate's Subject (CN) must be identical to the domain names of the Volicon system(s).
It is recommended to provide an X.509 wildcard certificate (for example: *.volicon.com).
The following certificate files will be required:
- Primary Certificate – .crt file
- Private Key - .key file in RSA key form. Can be converted using openssl: openssl rsa -in domain.key -out domain-rsa.key
- Intermediate certificate - if necessary. Not needed if the Sigining authority provided a full chain certificate.
The key file should be opened to confirm that there is no additional text before “BEGIN RSA PRIVATE KEY” and after “END RSA PRIVATE KEY”.
Transfer all files to the Central Server. Can be any secure folder, but recommended path to use: C:\Program Files\Volicon\Apache2.4\conf\extra\new
Edit the following lines in C:\Program Files\Volicon\Apache2.4\conf\extra\httpd-ssl.conf :
• SSLCertificateFile “ /path/to/your_domain_name.crt ”
• SSLCertificateKeyFile “ /path/to/your_private.key ”
• SSLCertificateChainFile “ /path/to/intermedia te_certificate.crt ”
Restart the Apache Windows service after editing and saving this file.
If NGINX is being used, there are additional steps that will need to be taken. Please contact support for assitance.
Applies to Version:
Volicon versions 7, 8, and 9
SSL Certificate expire replace