Recent Control & Safety Systems Discussions
Similar Posts
Open backup files for xcf extension history
S Series Extension Cables to 8-Wide Carriers
Noise Disturbance immunity certificate
What is in a SIL Safety Certification
VIDEO: Best Practices for Choosing & Integrating Mobile Solutions
Share

DeltaV Mobile Self Signed Certificate Extension Beyond 90 Days Solution

Currently Emerson does not have a way to make a cert longer than 90 days if you do not do it during the initial installation........

Using powershell you can clone the existing cert and then extend it as long as you wish.  Using a self signed cert does come with some risks and you should do an assessment as to which kind of cert will best serve you and your plant.  You will need to go in to IIS afterwards and assign the new cert once complete.  The new cert will also have to be imported on all of the machines/devices that used the original cert.

This will list the thumbprints of the certs.  You will need to identify and copy the one from the 90 cert.  I find it better to copy and paste the value than type it in.  You can verify which one is correct by examining your current cert.  This is by no means the best way it is just the one that I came up with and worked for me.  I attempted to make a new cert from scratch but there were a few settings I had difficulty with and ultimately cloning the working one gave me immediate success.

PS C:\>Get-ChildItem -path cert:\LocalMachine\My

Set the file path

PS C:\> Set-Location -Path "cert:\LocalMachine\My"

Assign the old cert to a variable $oldcert.  Need to paste in the thumbprint of the current cert.

PS Cert:\LocalMachine\My> $OldCert = (Get-ChildItem -Path "thumbprint of 90 day cert")

This will generate the new cert based off of the old one with a ten year expiration.  You will also see the new thumbprint which you will need later  Below makes a 1 year cert but you can make it longer.

PS Cert:\LocalMachine\My> New-SelfSignedCertificate -CloneCert $OldCert -NotAfter (Get-Date).AddYears(1)

Store a password for the cert to be exported. (change YourPassword)

PS Cert:\LocalMachine\My>$CertPassword = ConvertTo-SecureString -String “YourPassword” -Force –AsPlainText

Exporting the new cert to the C drive.  Need to paste the thumbprint of the new cert in the command

PS Cert:\LocalMachine\My>Export-PfxCertificate -Cert cert:\LocalMachine\My\"thumbprint of new cert" -FilePath C:\cert_name.pfx -Password $CertPassword

After this you will need to import the cert to the trusted root using the password assigned in the process.

Hope this helps some people out.

Daugenet

This is the official online community site of the Emerson Global Users Exchange, a forum for the free exchange of non-proprietary information among the global user community of all Emerson Automation Solution's products and services. Our goal is to improve the efficiency and use of automation systems and solutions employed at members’ facilities by sharing our knowledge, experiences, and application information.

User Groups | World Areas | Community Guidelines | Legal Information | Privacy Policy | Contact Community Manager

Website translation provided by Website Translator

© 2015-2022 Emerson Global Users Exchange. All rights reserved.