Hub tunnels lost connection due to certificate expiration and no longer appear in IM

book

Article ID: 127959

calendar_today

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM)

Issue/Introduction

Three Hubs/hub tunnels lost connection to the Primary hub due to certificate expiration and no longer appear in IM. 

Cause

- tunnel certificate expiration

Environment

- UIM any
- hub 7.80 and later

Resolution

  1. Select the hub probe on the Tunnel Server 
  2. Delete the expired certificate under "Issued Certificates" 
  3. Click 'New' to generate a new certificate 
  4. View the certificate and save it in Notepad, but make sure there are no extra leading or trailing characters 
  5. RDP to each of the hubs that are having trouble connecting to the Tunnel server/Primary Hub 
  6. Navigate to the <install_dir>\hub\cert 
  7. Edit 'client1.pem' using Notepad 
  8. Replace the contents of the file with the certificate contents you copied from the Tunnel Server 
  9. Save the file 
  10. Restart the hub robot 
  11. Check that the hub now reappears in the Infrastructure Manager

Additional Information

It is also possible to update the cert via IM console. 
Go to Security > Login > Advanced > at the bottom enter the IP address of the secondary hub with the expired cert. 
Then select hub > configure > Tunnels > Client Configuration > Edit > replace the cert.