Replacing an encryption certificate for the Security Token Service
With the Pega® Robotic Automation Deployment Portal, you can use the Pega Robotic Automation Security Token Service to provide security tokens for implementing single sign-on. To avoid service interruption, you should replace the encryption certificate as required by Pega Support.
To replace an authority encryption certificate, complete the following tasks:
- Updating the authority encryption certificate
- Verifying that the certificate has been updated on the STS server
- Open the OpenSpan STS Configuration Console as an administrator by right-clicking its executable file and selecting the Run as administrator option.
- From the tree view, click Relying Party and then click .
The system downloads the new certificate from authority.openspan.com and places it in the Microsoft Windows Personal Certificate Store. This certificate is now used as the encryption certificate for STS.
- Close the Security Token Service Configuration console.
- When asked if you want to save the changes to the configuration, click Yes.
- When asked if you want to navigate to the Security Token Service to verify its operational status, click No.
- To run the Microsoft Management Console (MMC) snap-in, click and then enter mmc.exe.
- In the Add Standalone Snap-in dialog, select Certificates.
- Click .
- In the Certificates snap-in dialog, select Computer account and click Next.
- In the Select Computer dialog, click .
- In the Add/Remove Snap-in dialog, click .
- To view the certificate stores for the computer, in the Console Root dialog, expand Certificates (Local Computer).
- Expand Personal Folder
- Select Certificate.
- In the middle pane, verify that the certificate with expiry date of 1/25/2021 issued to authority.openspan.com is present.
If Pega Robotic Automation Runtime cannot authenticate, contact Pega Robotic Automation Support.
Continue with Setting up the Certificate Revocation List.