Hi ,
Welcome to the Support Portal. How can we help?
Follow

Update Clientless RDP Certificate

Table of Contents

 

Overview

When your certificate is expired, you need to replace it on the Clientless RDP Gateway. In this article, we explain how.

The Clientless RDP environment will be down for a couple of minutes while replacing the certificate.

 

Update the certificate

In summary, follow the steps below. Go to the step-by-step instructions section for more detailed information.

Ubuntu 18.04 = Tomcat 8
Ubuntu 20.02 = Tomcat 9
  • Please make sure to rename the new certificate name to clientlessrdpcert.pfx. 
  • Open a session to the Clientless RDP Gateway and run the following commands: 
cd /etc/tomcat? 
sudo rm -r clientlessrdpcert.pfx 
sudo wget urltocertificate -O clientlessrdpcert.pfx 
sudo nano server.xml 
  • Search for the connector listening on 8443. Scroll to the right and update the password. 
sudo service tomcat? restart 

Back to top

 

Step-by-step instructions

1. Make sure the new certificate is in the root directory

  • You can use WinSCP to import the certificate into the root of the Clientless RDP machine.
  • You can use Wget to download the certificate from another location.
  • Please make sure to rename the new certificate name to clientlessrdpcert.pfx.


2. Remove the old certificate

  • Open a session to the Clientless RDP Gateway and run the following commands ("tomcat?" can be either 8 or 9):
cd /etc/tomcat?/
  • Type LS to check if the certificate is in the folder.
  • Remove the certificate: 
sudo rm clientlessrdpcert.pfx
  • Type LS to make sure the certificate is removed.
  • Go back to the root and copy the certificate into the Tomcat? folder by using the following command:
sudo cp CERTIFICATENAME /etc/tomcat?/clientlessrdpcert.pfx
  • Go back to /etc/tomcat?/ to make sure the certificate is in the folder.


3. Different password of the clientless RDP certificate? Change the following:

sudo nano /etc/tomcat?/server.xml
  • Go down until you see the connector port="8443". 
  • Scroll to the right and change the password (keystorePass) or press CTRL + W to find the password.
  • Save the server.xml. 


4. Restart Tomcat services

sudo service tomcat? restart
  • You can schedule the restart of Tomcat with:
sudo service tomcat? restart | at 23:30
  • Now test the gateway and certificate. 

Back to top