In order to renew a certificate that has expired or is soon to expire, there are a few things that you need to do.
1. Obtain the Renewal Certificate - The Renewal Cert needs to be based on the same CSR that was used to issue the certificate in the first place. At any time, you can create a new CSR on your system by issuing the following command:
keytool -certreq -keyalg RSA -alias tomcat -file csr.txt -keystore <name/path of your keystore>
To verify that you are using the proper alias, you can run the command:
keytool -list -keystore <name/path of your keystore>
The alias will be on the far left of the "PrivateKeeyEntry". In this case the alias is listed as tomcat.
2. Installing the New Certificate - The process of adding the renewal certificate to the keystore is very easy. You can use the following command :
keytool -import -trustcacerts -alias tomcat - file <name/path of your renewal certificate> -keystore <name/path of your keystore>
You should see a message saying
After restarting your iDashboards service, your new certificate will be ready for use.