Renew internal application certificates
Veridium Manager offers GUI flows to delete expired friend certificates. When needed, this can be achieved using the steps documented below.
This procedure should be applied in each datacenter, so please connect to websecadmin in each datacenter.
A. Using Validity Dashboard to view and change expired certificates.
1. Go to Veridium Manager > Certificates > Validity Dashboard. In this page, sort the “Status” column to display expired certificates.
2. Three types of certificates are displayed and they can be controlled as detailed below:
Type “CERT” - double clicking on the entry or using the action button will direct the user to the Advanced Menu for configuration files. This is because this type of entry does not have a device associated in the database. User must either know & access the file manually, or use the global search function to find the configuration file that has it.
One example is shown below, for an expired APNS certificate:
Browse through the sorted-by-Status list and notice the expired APNS cert.
Using Global Search to find APNs certificate in the configuration file. Double click on the result.
APNs config section in the file, with the certificate entry visible, available for changes.
Type “SYSTEM” (with the subset “DEFAULT”) - double clicking on the entry will redirect user to the Certificates → System Services → Service Credentials section, where certificate can be renewed:
In this sample, AD-ADMIN is expired.
Selecting the expired SYSTEM cert will redirect to Service Credentials page, where it can be renewed.
Type “CUSTOM” - double clicking on the entry will redirect user to the device details page, since this type of cert has a device associated in the database. A sample flow is shown below:
Choose a custom certificate by double clicking on it, or using the Action button.
Check the expiration date and remove, renew, or block this from the top right menu.
Certificates > Service Credentials section
This entry allows for easy sorting and changing of defined service credentials, which are a subset of CUSTOM type (and available in the Certificate Validity Dashboard list). Flow is similar to the ones above:
B. Alternative flow for operating ADMIN & FRIEND (subset of CUSTOM type) certificates
Since Custom type contains ADMIN & FRIEND certificates, which have database device entries associated, they can be controlled via an alternative flow in the Devices section. This flow offers better sorting and removal capabilities from a UX perspective, but does not offer an easy way to display expired entries.
1. Go to Veridium Manager > Devices tab and select Advanced Search in the top right corner:
How to filter for friend devices
In the Type menu dropdown select “FRIEND” and then click the Search button. This will return all friend certificates. Additionally you can enter various search criteria, if needed.
A sample search for friend certificates with “test” in their name is presented below:
Advanced Search sample for criteria “Type: FRIEND” and “Name: test”
2. From the search result list you can:
a. delete the device directly, using the dedicated delete button from the Action column on the right:
removing devices directly from the list, using “Delete” button.
b. enter device details to review further information and delete it, using the dedicated “Open” button from the Action column on the right:
Device Details page with additional information and removal option.
Final confirmation step for device deletion.
A confirmation green message will be displayed upon successful deletion of a device:
