Applies only to SafeConsole OnPrem


This problem has been identified as having to do with the passwords on the certificates (old/new) not matching which affects other setting in SafeConsole 4.2 or earlier.

 

If you have a backup of the old safeconsole.ini it is quick to implement this fix:


  1. Start by backing up your SafeConsole folders entire contents.
  2. Stop SafeConsole process.
  3. Optional: Confirm the password to the old certificate, click the ca.p12 and follow the guide.
  4. Optional. Start the SafeConsole Configurator and import the ca.p12 as the certificate.
  5. Optional. Do not start SafeConsole, instead take a copy of the safeconsole.ini.
  6. Optional. Start the SafeConsole Configurator again. This time install the new certificate.
  7. Do not start SafeConsole, copy the truststore-password from the old safeconsole.ini to the new safeconsole.ini. Save the new safeconsole.ini.
  8. Start SafeConsole and confirm that is it working.


If you have lost the old SSL certificate password and have no backup of the safeconsole.ini there is the following option.These steps will enable you to perform password resets if required even if the devices where linked to the old certificate:


  1. Take a backup of the certs folder.
  2. Erase the current ca.p12 and keystore.p12 - the old certificate.
  3. Retain and save the file "certificates". This is needed for the maintaining the password reset capability of "old" devices.
  4. Run the SafeConsole Configurator and select the new certificate to install.
  5. Open the SafeConsole admin interface and check the 'server connection' configuration under 'device administrator tools' in 'configuration overview'
  6. This configuration setting 'redeploy to new server with certificate' must contain the new SSL certificate of SafeConsole. This setting will otherwise reconfigure the devices with the wrong certificate and the devices will not work.
  7. Please also go to the 'installed certificate' menu item and delete the old certificate if present.
  8. When you want to connect the device to the server with the new certificate you will need to factory reset the devices. If you are using the self-signed SafeConsole certificate make sure that you have deployed the new certificate to the host machines prior to attempting to connect the devices. If you have bought a trusted certificate the trust should already be present.