Unable to log in to update expired AD certificate

  • 7018517
  • 24-Jan-2017
  • 24-Jan-2017

Environment

Self Service Password Reset
SSPR 4.x
SSPR 4.0 appliance

Situation

Unable to log in to update expired AD certificate
The LDAP certificate has expired, so it is not possible to log in to ConfigEditor to change it
How to update the certificate without logging in to ConfigManager or ConfigEditor

Resolution

Do the following:
1. Log in to the SSPR admin console at https://<dns-name>:9443
2. Go to "Administrative Commands"
3. Select the option to “Unlock Configuration.” This option allows the configuration to be edited without LDAP authentication.
4. Restart your browser
5. Go to https://<dns-name>/sspr.
6. A prompt will appear saying that you are in configuration mode. Click OK.
7. You will be prompted to sign in. Instead of signing in, click the down arrow in the top right-hand corner of the screen and select “Configuration Editor.”
8. Enter the configuration password when prompted.
9. In Configuration Editor, go to “LDAP” and select the desired LDAP Directory profile.
10. Under "LDAP Certificates" clear the LDAP certificate and import the new one.
11. Save the configuration.
12. Go back into the administrative commands in the admin console per steps 1 and 2, and lock the configuration.
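
Before importing in step 10, it helps to confirm that the replacement certificate is not itself expired or about to expire. The following is an added example, not part of the original article or of SSPR; it assumes the openssl command-line tool is available, and the host name, file names and 30-day threshold are placeholders.

```shell
#!/usr/bin/env bash
# Added example: pre-import check for the replacement LDAP certificate.
# Assumes the openssl CLI; hosts, paths and thresholds are placeholders.

# Print subject, issuer and validity window of a PEM certificate file.
cert_summary() {
    openssl x509 -in "$1" -noout -subject -issuer -startdate -enddate
}

# Succeed only if the certificate in $1 is still valid $2 days from now.
cert_valid_for_days() {
    openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null
}

# Save the leaf certificate an LDAPS endpoint currently presents.
# $1 = directory server host (placeholder), $2 = output PEM file.
# Needs network access to port 636, so it is not run offline.
fetch_ldaps_cert() {
    openssl s_client -connect "$1:636" -servername "$1" </dev/null 2>/dev/null \
        | openssl x509 -outform PEM > "$2"
}

# Build a constructed self-signed certificate for offline testing.
# $1 = output PEM file, $2 = lifetime in days.
make_sample_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -keyout "$1.key" \
        -out "$1" -days "$2" -subj "/CN=constructed-ldap.example.test" 2>/dev/null
}

# Gate for step 10: show the certificate and refuse it when it expires
# within $2 days (default 30), so an expiring file is not imported.
precheck_import() {
    local pem="$1" min_days="${2:-30}"
    cert_summary "$pem" || { echo "not a readable PEM certificate: $pem" >&2; return 2; }
    if cert_valid_for_days "$pem" "$min_days"; then
        echo "OK: valid for at least $min_days more days"
    else
        echo "REFUSE: expires within $min_days days (or already expired)" >&2
        return 1
    fi
}

# Typical use (placeholder host and file name):
#   fetch_ldaps_cert dc01.example.test new-ldap.pem && precheck_import new-ldap.pem 30
```

After step 12, running the same check against the certificate the directory server presents gives a date to schedule the next renewal against.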