Renew Automation Suite TLS Self-Signed Certificate

How to renew Automation Suite TLS Self-Signed Certificate?

Issue Description: How to renew the Automation Suite TLS Self-Signed Certificate.

Background: It is generally best to use properly issued TLS certificates, issued either by your domain admin or by a third party. However, in some scenarios (e.g. an emergency, or when using an application load balancer) it might be necessary to renew with a self-signed certificate.


Resolution

  1. Download the attached script (tlsSelfSignedRenewal.sh).
  2. Log in to the Linux machine that is used to access Automation Suite and copy the script onto the machine.
  3. Go to the installation directory of your cluster.
    • This is typically /opt/UiPathAutomationSuite
    • However, it may be something like /opt/UiPathAutomationSuite/{version}/installer
      • e.g. /opt/UiPathAutomationSuite/22.4.1/installer
  4. Copy the file into the installation directory.
  5. Verify that the folder contains cluster_config.json (ls -lrt cluster_config.json).
    • If it does not, move the file there.
  6. Change the permissions of the script so it is executable.
    • chmod 755 ./tlsSelfSignedRenewal.sh
  7. Execute the script
    • ./tlsSelfSignedRenewal.sh
  8. The script will renew the self-signed certificate for 10 years.
  9. Add the newly generated root CA certificate to the trust store on the host machine/VM.
    • cp /path/to/rootCA.crt /usr/share/pki/ca-trust-source/anchors/
    • update-ca-trust
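
To confirm the outcome of steps 8 and 9, the following added example (not part of the original article or the attached script) checks that the root certificate is a CA, is valid for roughly the stated ten years, and actually issued the server certificate. The function names, the server certificate file, and the host:port argument are assumptions; only rootCA.crt is named above.

```shell
# Post-renewal checks. All arguments are placeholders supplied by the operator.

# Succeed only if $1 has basicConstraints CA:TRUE, as a trust anchor should.
cert_is_ca() {
  openssl x509 -in "$1" -noout -text | grep -q 'CA:TRUE'
}

# Succeed only if the certificate in $1 is still valid $2 days from now.
cert_valid_for_days() {
  openssl x509 -in "$1" -noout -checkend $(( $2 * 86400 )) >/dev/null 2>&1
}

# Succeed only if certificate $2 verifies against root $1, skipping the
# default CA directory so the result depends on this root file.
cert_chains_to() {
  openssl verify -no-CApath -CAfile "$1" "$2" >/dev/null 2>&1
}

# Succeed only if endpoint $1 (host:port) validates against the system trust
# store, which is what step 9 is meant to achieve on this machine.
endpoint_trusted() {
  openssl s_client -connect "$1" -servername "${1%%:*}" \
    -verify_return_error </dev/null >/dev/null 2>&1
}

# Usage: check_renewal ROOT_CA [SERVER_CERT] [HOST:PORT]
check_renewal() {
  cert_is_ca "$1" || { echo "FAIL: $1 is not a CA certificate"; return 1; }
  openssl x509 -in "$1" -noout -enddate
  cert_valid_for_days "$1" 3600 || echo "WARN: $1 expires in under 3600 days"
  if [ -n "$2" ]; then
    cert_chains_to "$1" "$2" || { echo "FAIL: $2 not issued by $1"; return 1; }
  fi
  if [ -n "$3" ]; then
    endpoint_trusted "$3" || { echo "FAIL: $3 not trusted here"; return 1; }
  fi
  echo "OK"
}

# Run the checks only when arguments are supplied on the command line.
if [ "$#" -ge 1 ]; then check_renewal "$@"; fi
```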