Replacing an encryption certificate for Active Directory Federation Services
With the Pega® Robotic Automation Deployment Portal, you can use an Active Directory Federation Services (AD FS) server to provide security tokens for implementing single sign-on. To avoid service interruption, you should replace the encryption certificate as required by Pega Support.
To replace an authority encryption certificate, complete the following tasks:
- Download the authority encryption certificate
- Open a web browser and go to the authority.openspan.com website. The Authority Server webpage displays.
- To download the certificate, click Authority SSL certificate.
After you finish downloading the certificate, import the certificate by using the AD FS console, which is installed when you install AD FS.
- From the Start menu, in the Search Programs and File field, type Admin, and then click > .
- Click Relying Party Trusts.
- Right-click the relying party trust that is set up for OpenSpan and click Properties.
- Click the Encryption tab.
- Click and select the authority certificate that you downloaded in the previous task. Click .
- Verify that the subject is CN=authority.openspan.com and that the expiration date is 1/25/2021.
- Click . The warning that the encryption certificate will expire within thirty days disappears.
- Click .
The system replaces the AD FS encryption certificate.
If Pega Robotic Automation Runtime cannot authenticate, contact Pega Support.
Continue with Setting up the Certificate Revocation List.