server restart during the certificate update

HI, Actually, we have integration which make use of HTTPS AS2 protocol communication with the customer and we are exchanging the certificates as well. The customer is updating their production certificates and sent us the updated ones and We need to install them on our end wherever it is necessary. I am just wondering once I installed the certificates in the Admin console and TN Console Do I need to restart the server to make that change effect or restart doesn’t required. Actually they suggested us to do during regular business hours, So Production server restart during that time will be kind of down time during our regular business hours. I just want to be more sure that If it is mandatory, I would like to do If I not I would like to avoid the restart.Could any one please advise. Thanks, Capri_lak.

Hello,

wM 7 onward, you have a link in the IS admin console / Security > Certificates / Refresh Trusted CA Certificates Cache which is supposed to reload all CA w/o rebooting the IS.

We had to install a fix to make it working, and this fix allows also to refresh CA directly associated to a port.
I don’t remember which one it is (a long time ago), but wM support can help you if it’s not working w/ your configuration.

Bye

Laurent

Hi,

If you click on Refresh Trusted CA Certificates Cache as suggested by Laurant. The CA certificate will be loaded into cache before next startup.

Thanks,
William

Hi,

The Fix which is refer by Laurent could be IS_7.1.2_Core_Fix23. This fix will address the issue of Integration Server which does not refresh the certificate cache for incoming connections. Please read further more on the fixes before applying it.

Thanks.
William

Hi William, Thank you very much for your response. Currently we are using 6.5 SP3.I think we are in the plan of getting upgraded to 7.1.2 coming soon. I am just wondering is there any that kind of fixes available in 6.5 sp3 as that you know of. Could you please advise. Thanks, Capri_lak

Hi,

There is a latest core fix patch for IS_6.5 SP3 in EMPOWER dated end of April 2010. The Fix does not have similar kind of fixes for certificate issues. Please refer to the EMPOWER and the read me file for further details.

Thanks,
William

based on my experience, on 6.5, the same CA cert refresh works, no patch needed. Also the TN cert works directly, no restart needed.