If you remember the password you used to generate the original certificate for this tunnel:
- Select the hub probe on the Tunnel Server
- Delete the expired certificate under "Issued Certificates"
- Click 'New' to generate a new certificate
- When generating the certificate use the same password that you used before. If you do not remember it - use a new one, then follow the steps below to replace the existing encrypted password string.
- View the certificate and save it in Notepad, but make sure there are no extra leading or trailing characters
- RDP to each of the hubs that are having trouble connecting to the Tunnel server/Primary Hub
- Navigate to the <install_dir>\hub\cert
- Edit 'client1.pem' using Notepad
- Replace the contents of the file with the certificate contents you copied from the Tunnel Server
- Save the file
- Restart the hub robot
- Check that the hub now reappears in the Infrastructure Manager
If you do not remember the password you originally used
If you do not remember the original password, the above procedure still applies, but you will also need to do the following to generate a new encrypted password string:
- Navigate to an existing hub in the environment that has tunneling enabled - it can be a tunnel server or client
- Go to the Client Configuration tab and proceed as though you are creating a new Tunnel Client connection.
- For the IP address of the tunnel server to connect to, put in a bogus address like 10.10.10.10 for example.
- In the "certificate" window just put any random characters so that the window is not empty
- In the password field, put the same password that you used to generate the new certificate
- Click Apply/OK and restart the hub.
- Now you can open the hub.cfg and locate the <tunnel> section and then <client>
- Find the "bogus" client entry you created, e.g. 10.10.10.10
- Copy the encrypted password string from here and paste it into hub.cfg on the client whose certificate you are replacing