This article describes how to update current SSL certificates on SES server.
The following procedure explains how to upgrade the SSL certificate when this one expires or after FQDN change. This allow to avoid any SSL alert on browser when accessing SES Console web interface.
Provide the 2 following files:
- x509 PEM encoded Base64 ASCII certificate (including certificate chain if required)
- unencrypted RSA Base64 key ASCII file
The 2 files should contain the strings "-----BEGIN..." and "-----END...".
Note that if you certificate relies chain of trust, you have to concatenate in a single file:
1) server certificate (encoded as described above)
2) intermediate certificate (encoded as described above)
3) root certificate (encoded as described above)
SSL certificate & private copy
1. Copy the certificate & private key files into:
2. If systran user is not the files owner, change it using following command
chown systran:systran /opt/systran/apps-node/enterprise-server/certificates/* && chown systran:systran /opt/systran/apps-node/translation-gateway/certificates/*
SES Console settings changes
1. On SES Console web interface, go to Administration > Settings > HTTPS Settings then change the path for HTTPS certificate & private key fields as shown below:
SES Gateway settings changes
Edit the Gateway config file: /opt/systran/apps-node/translation-gateway/config/default.yaml
privateKey: certificates/[your certificate].key
certificate: certificates/[your certificate].crt
1. Once the changes are made on SES Console web interface, restart the services on the server
systemctl restart systran-ses-console && systemctl restart systran-ses-gateway && systemctl restart systran-trs-console
service systran-ses-console restart && service systran-ses-gateway restart && service systran-trs-console restart
2. Then relog on SES Console web interface