Renew Automation Suite TLS Self-Signed Certificate

How to renew Automation Suite TLS Self-Signed Certificate?

Issue Description: How to renew the Automation Suite TLS Self-Signed Certificate.

Background: Typically its best to always use properly issued TLS certificates, either issued by your domain admin or a third party. However in some scenarios (i.e an emergency or if using an application load balancer) it might be necessary to do a renewal with a self-signed certificate.


  1. Download the attached script. (
  2. Login to the linux machine that is used to access automation suite and copy the script on to the machine.
  3. Go to the installation directory of your cluster.
    • This is typically /opt/UiPathAutomationSuite
    • However, it may be something like /opt/UiPathAutomationSuite/{version}/installer
      • i.e. /opt/UiPathAutomationSuite/22.4.1/installer
  4. Copy the file into the installation directory.
  5. Verify that the folder contains the cluster_config.json.(ls -lrt cluster_config.json)
    • If it does not, move the file there.
  6. Change the permisions of the script so its executable
    • chmod 755 ./
  7. Execute the script
    • ./
  8. The script will renew the self-signed certificate for 10 years.
  9. Add the newly generated root ca cert to the trust store in the host machine/VM.
    • cp /path/to/rootCA.crt /usr/share/pki/ca-trust-source/anchors/
    • update-ca-trust