Regenerate the SSL Certificate

The SSL certificate is valid for two years and must be regenerated after it expires.

To manually execute the batch file, the following parameters must be known:

• InstallationPath - The path where CIMPLICITY is installed.
• ConfigServicePortNumber and UABrowseServicePortNumber - The port numbers where micro services are running.
• RootCertificateName - The name of the root certificate file.
• ServerCertificateName - The name of the server certificate file.
  Note: The default value of ServerCertificateName is server_cert. If you change the value while executing the batch file, you must update the nginx.conf file with the new value and restart the CIMPLICITYNGINX service.
• passphrase - The password to protect the generated server certificate.

To regenerate the SSL certificate:

1. Go to the path where CIMPLICITY is installed, and delete the ScadaConfigPki folder containing the installed SSL certificates.
2. Access Command Prompt and enter the following command:

   cd <InstallationPath>

   For example:

   cd C:\Program Files (x86)\Proficy\Proficy CIMPLICITY

3. Now, execute the batch file by entering the following command:

   config_service_cert.bat <InstallationPath> <ConfigServicePortNumber> <UABrowseServicePortNumber> <RootCertificateName> <ServerCertificateName> <passphrase>

   For example:

   config_service_cert.bat "C:\Program Files (x86)\Proficy\Proficy CIMPLICITY\" 4855 4865 CimScadaConfigRootCA server_cert cimplicity

The SSL certificate is now regenerated.