Knowledge Base > Article [0018]

How to replace DualShield's SSL Certificate

DualShield's SSL certificate is specified in server.xml in which you can find the following text:

    <Connector protocol="HTTP/1.1" SSLEnabled="true"
           scheme="https" secure="true" clientAuth="false"
           keystoreFile="C:\Program Files\Deepnet DualShield/certs/allinone.pfx"
           keystorePass="changeit" keystoreType="PKCS12"  sslProtocol = "TLS" />

In the above example, the certificate is called "allinone.pfx" which is located in the folder C:\Program Files\Deepnet DualShield/certs, and its password is "changeit".

To use your own SSL certificate, replace the value of "keystoreFile" with the file path of your certificate, and the value of "keystorePass" with your password.

DualShield uses 5 ports from 8072 to 8076, therefore there are 5 occurrences of the certificate settings in the server.xml. You will need to change all of them in the same way.

You can imagine, the simplest way is, keep the new PFX certificate having the same password, then just overwrite the existing certificate allinone.pfx. In that case, you don't need to modify the file server.xml.

Don't forget to restart DualShield service afterwards.