Introduction
This article describes how to update current SSL certificates on SES server.
Description
The following procedure explains how to upgrade the SSL certificate when this one expires or after FQDN change. This allow to avoid any SSL alert on browser when accessing SES Console web interface.
Procedure
Requirements
Provide the 2 following files:
- x509 PEM encoded Base64 ASCII certificate (including certificate chain if required)
- unencrypted RSA Base64 key ASCII file
The 2 files should contain the strings "-----BEGIN..." and "-----END...".
SSL certificate & private copy
1. Copy the certificate & private key files into:
/opt/systran/apps-node/enterprise-server/certificates /opt/systran/apps-node/translation-gateway/certificates
2. If systran user is not the files owner, change it using following command
chown systran:systran /opt/systran/apps-node/enterprise-server/certificates/* && chown systran:systran /opt/systran/apps-node/translation-gateway/certificates/*
SES Console settings changes
1. On SES Console web interface, go to Administration > Settings > HTTPS Settings then change the path for HTTPS certificate & private key fields as shown below:
SES Gateway settings changes
Edit the Gateway config file: /opt/systran/apps-node/translation-gateway/config/default.yaml
translate-api:
port: 8903
https:
port: 8904
activate: true
privateKey: certificates/[your certificate].key
certificate: certificates/[your certificate].crt
Services restart
1. Once the changes are made on SES Console web interface, restart the services on the server
CentOS/RedHat 7
systemctl restart systran-ses-console && systemctl restart systran-ses-gateway && systemctl restart systran-trs-console
CentOS/RedHat 6
service systran-ses-console restart && service systran-ses-gateway restart && service systran-trs-console restart
2. Then relog on SES Console web interface