We will be upgrading from SOI CUM2 to CUM 4 in several weeks.  While reviewing the installation instructions; the following has been found and we want clarification on these steps, because this appears to be something new. 

In particular Step H is where we have a question. 

Since we already have SSL certs already deployed to our UI servers, is this step necessary?

Release : 4.2 CU4

This step was added as part of the remediation of the Coverity Security Vulnerabilities.

User story 788925

Coverity issues verification ( Script code injection, Unsafe deserialization, Cross-site request forgery)

The new step introduced in CU4 install directions is a part of Coverity security vulnerability remediation.

1. Run soitoolbox.exe --addCertToTrustStore command on SOI UI Server after CU4 upgrade (for distributed environments only).

The above command imports the manager certificate into the UI Server to create a trusted environment and unless the user imports the cert in the trust store of the UI Server this will fail. (UI will not be up and running).

SOI-4-2-CU4

These steps are not related to the regular ssl certs used by SOI (if https is enabled).

These steps are additional and are mandatory for distributed environments.