Update Clientless RDP Certificate
Table of Contents
Overview
When your certificate is expired, you need to replace it on the Clientless RDP Gateway. In this article, we explain how.
The Clientless RDP environment will be down for a couple of minutes while replacing the certificate.
Update the certificate
In summary, follow the steps below. Go to the step-by-step instructions section for more detailed information.
Ubuntu 18.04 = Tomcat 8
Ubuntu 20.04 = Tomcat 9
Ubuntu 20.04 = Tomcat 9
- Please make sure to rename the new certificate name to clientlessrdpcert.pfx.
- Open a session to the Clientless RDP Gateway and run the following commands:
cd /etc/tomcat?
sudo rm -r clientlessrdpcert.pfx
sudo wget urltocertificate -O clientlessrdpcert.pfx
sudo nano server.xml
- Search for the connector listening on 8443. Scroll to the right and update the password.
sudo service tomcat? restart
Please do not use special characters in your certificate password. Instead, use a password with 16 or more lowercase letters, uppercase letters and digits.
Step-by-step instructions
1. Make sure the new certificate is in the root directory
- You can use WinSCP to import the certificate into the root of the Clientless RDP machine.
- You can use Wget to download the certificate from another location.
- Please make sure to rename the new certificate name to clientlessrdpcert.pfx.
2. Remove the old certificate
- Open a session to the Clientless RDP Gateway and run the following commands ("tomcat?" can be either 8 or 9):
cd /etc/tomcat?/
- Type LS to check if the certificate is in the folder.
- Remove the certificate:
sudo rm clientlessrdpcert.pfx
- Type LS to make sure the certificate is removed.
- Go back to the root and copy the certificate into the Tomcat? folder by using the following command:
sudo cp CERTIFICATENAME /etc/tomcat?/clientlessrdpcert.pfx
- Go back to /etc/tomcat?/ to make sure the certificate is in the folder.
3. Different password of the clientless RDP certificate? Change the following:
sudo nano /etc/tomcat?/server.xml
- Go down until you see the connector port="8443".
- Scroll to the right and change the password (keystorePass) or press CTRL + W to find the password.
- Save the server.xml.
4. Restart Tomcat services
sudo service tomcat? restart
- You can schedule the restart of Tomcat with:
sudo service tomcat? restart | at 23:30
- Now test the gateway and certificate.