D.5 Replacing the SSL Certificate for an iFolder Enterprise Server

This section discusses how to replace the SSL certificate for a single iFolder server, iFolder master server, and iFolder slave server.

D.5.1 Replacing the SSL Certificate for a Single iFolder Server

  1. Create a backup of the original certificate from the Apache certificate store.

  2. Ensure you have the valid new certificate to replace the original certificate.

  3. If the names of the original and new certificates differ, edit the /etc/apache2/vhosts.d/vhost-ssl.conf file and replace the filename of the original certificate with that of the new certificate.

  4. Create a backup of the /opt/novell/ifolder3/%lib/simias/admin/Web.config and /opt/novell/ifolder3/%lib/simias/webaccess/Web.config files. Here, %lib must be replaced by lib for the 32-bit server and lib64 for the 64-bit servers.

  5. Copy the new certificate to the Apache certificate store. The permission assigned on the new certificate must be same as the permission for the original certificate.

  6. Restart Apache.

  7. Configure the iFolder Web Admin sever and the Web Access server to import the new certificate keys in the admin Web.config file.

  8. Restart Apache.

  9. Log in to the Web Admin console and Web Access console to verify if you are able to successfully view all the pages in the Web Admin and Web Access console.

D.5.2 Replacing the SSL Certificate for an iFolder Master Server

To replace the certificate of an iFolder master server in a multi-server deployment, you must first replace the certificate on the master server by using the procedure in Section D.5.1, Replacing the SSL Certificate for a Single iFolder Server, then follow the steps given below to change the slave server configurations. Because of the change in the configuration, the slave servers start using the new certificate from the master server.

  1. Navigate to the iFolder slave server directory /opt/novell/ifolder3/%lib/simias/web and create a backup of the web.config file. Here, %lib must be replaced by lib for the 32-bit server and lib64 for the 64-bit server.

  2. Create a backup of the web.config file.

  3. On the master server, open the Web.config file at the location /opt/novell/ifolder3/%lib/simias/admin/ and copy the value of the SimiasCert XML attribute. On the slave server, open the web.config file at the location /opt/novell/ifolder3/%lib/simias/web/ and replace the value of the XML attribute SimiasCert with the value copied from the master server.

  4. Restart Apache on the slave server.

  5. Log in to the slave server Web Admin console to verify if you can successfully view all the pages.

D.5.3 Replacing the SSL Certificate for an iFolder Slave Server

To replace certificate on an iFolder slave server, you can use the procedure outlined in Section D.5.1, Replacing the SSL Certificate for a Single iFolder Server. There is no need to modify any configuration file on the iFolder master server if only the slave server certificate needs to be replaced.