Changing The SSL Certificate For UiPath Orchestrator Website

How to change the certificate if it gets expired in Orchestrator, v2020.4.x onwards?

Note: This is applicable for all versions.

  1. Import the certificate under Personal folder using the mmc, certificates console
  2. Give access for managing the private keys of the certificate for the user that runs the application pool, from the same Microsoft certificates console,
2.png
  1. Add IIS_IUSRS as well in the users along with the application pool user. Be sure to set the server as Location.
3.png
  1. Copy the certificate from the Personal folder to the Trusted Root Authorities folder if a self-signed certificate is used, as per the prerequisites.
  2. Find the thumbprint by viewing the certificate details
1.png
  1. Below are two options: If manual update desired, go to step 13-16 if it needs to be made automatically updated, check steps 7-12
  2. Automatic Certificate Change can be performed by referring the Platform Configuration Tool - Changing Certificates After Installation
  3. Go to the Platform Configuration Tool folder, under the Orchestrator installation folder ( usually C:\Program Files (x86)\UiPath\Orchestrator\Tools\PlatformConfiguration)
  4. In the folder Platform -> Click on file (1) -> Click on Windows PowerShell (2)-> Open Windows PowerShell as administrator (3),
​​​​​image.png
  1. In a Notepad paste the script and replace inside the 2 values inside the quotes of a1b2c3d4 and z6y5x4v3 with the Thumbprint of the certificate.
.\Platform.Configuration.Tool.ps1 `
  -UpdateUiPathCertificate `
  -SiteName "UiPath Orchestrator" `
  -NewSSLThumbprint "a1b2c3d4" `
  -NewTokenSigningThumbprint "z6y5x4v3"
  1. Copy the script and paste it on the Command line and run it. This will automatically replace the thumbprint for the Orchestrator and identity server and also reset the server
  2. Open the browser and check if the Orchestrator is accessible
  3. Manual Certificate Change: Update the certificate thumbprint under AppSettings, by replacing the Certificate_thumbprint with the new value in the C:\Program Files (x86)\UiPath\Orchestrator\Identity\appsettings.Production.json .
"AppSettings": {

(.....)

"StoreLocation": {
"Name": "{Certificate_thumbprint},",
  1. Open IIS Manager and modify the binding for the UiPath Orchestrator website,
image.png
  1. Run CMD as admin and execute "iisreset"
  2. Browse the website and check if the certificate has been loaded correctly.
image.png
4 Likes

I will try that, and will let you know