Undo certificate replacement processΒΆ

If an exception raises during the certification replacement process, you can undo the entire process by replacing current certificate files for its backup copies.

The process affects the following files:

File Usage
BASE_PATH/ssl/keystore Java keystore used by Apache Tomcat to serve HTTPS encoded content
BASE_PATH/ssl/truststore Java Runtime trusted public certificates keystore

This files are backup before starting the process by appending a timestamp to its name.

To restore them, we will stop the web service and replace the generated files with the latest backup files.

iochembd$  BASE_PATH/apache-tomcat/bin/shutdown.sh -force

iochembd$  cp BASE_PATH/ssl/keystore_161019191826 BASE_PATH/ssl/keystore
iochembd$  cp BASE_PATH/ssl/truststore_161019191826  BASE_PATH/ssl/truststore

iochembd$  BASE_PATH/apache-tomcat/bin/startup.sh

With these steps, our original certificates will be restored and the faulty update process fixed.