Hello guys,

SSL PI single stack server certificate expired. We followed step by step guide to configure the new certificate by:

1) Deleted the old crt from SSL Service

2) Created the new crt with CN "HOSTNAME OF WEB DISPATCHER"

3) Generated the CSR request

4) Imported the CSR response

5) Exported the keystore view from ICM_SSL_<instance>_<port1> to PSE

6) Saved the SSL port configurations by restarting the ICM which resulted the ICM with green light and no errors.

7) Restarted the SSL Provider

😎 Even tried restarting the whole PI server.

However, when we tested the link HTTPS://HOSTNAME(webdispatcher):PORT1 it still refer the old certificate which is expired.

Qestion1 : Where does it get the old certificate from even through we have deleted from NWA configuration key storage?

When we tried accessing the node instead of web dispatcher server, we found the new certificate that we installed with the CN:"webdispatcher". Therefore, even this link would not work because the CN name is different.

Question2: How does the HTTPS://HOSTNAME(instance)server:PORT1 grabs the new certificate which was meant for the web dispatcher?

Thank you!

Simran