Product Name
CIS-CAT Pro Dashboard
Product Version
v3.0+
Date
Problem
The TLS certificate (enabling HTTPS) previously configured during the CIS-CAT Pro Dashboard installation has expired and needs to be renewed. This may present itself with a browser warning page when visiting the Dashboard web interface, along with error codes such as NET::ERR_CERT_DATE_INVALID:
Solution
A new certificate can either be generated (for the self-signed TLS option) or supplied to Dashboard (for an existing organizational certificate) by re-running the latest installer.
The steps below illustrate the certificate renewal process using the GUI installer for Windows hosts, but the same general procedure applies for Linux installations using the CCPD_unix_Installer.sh setup script as well.
Launch the latest available Dashboard installer (
CCPD_windows-x64_Installer.exe) on the server hosting the current deployment. A new copy of the installer can be obtained from CIS WorkBench if needed.Select “Update application and/or configuration settings” (second option)
On the “HTTP/HTTPS Configuration” screen, choose either the first option (“Set up with HTTPS with a new self-signed certificate”) to create an updated self-signed cert valid for 90 days, or the second option to provide an existing organizational certificate in
.pfx/.p12or.jksformat.
Proceed through the remaining installation steps. The new certificate will then be applied to the Dashboard web server once the required services have been automatically restarted.
For more information on valid organizational certificate formats for use with CIS-CAT Pro Dashboard, please see the following KB article:
Dashboard v3 Certificate FAQs
Add Comment