How do we reconfigure Spectrum OneClick when our Cert ( Certificate ) Authority issues a brand new cert and private key?

All supported releases

1. Make a backup of the existing cacerts keystore:

cp /usr/Spectrum/custom/keystore/cacerts /usr/Spectrum/custom/keystore/cacerts.bak

2. Delete the existing tomcatssl alias (alter if you did not set things up with the default alias)

/usr/Spectrum/Java/bin/keytool -delete -keystore /usr/Spectrum/custom/keystore/cacerts -alias tomcatssl -storepass changeit

3. Using the certificate and keystore provided from your certificate authority, create a pkcs12 keystore (specify changeit when asked for the password):

openssl pkcs12 -export -in spectrum_new.cer -inkey private.key -out /usr/Spectrum/custom/keystore/server.p12 -name tomcatssl

4. Import the pkcs12 keystore into the OneClick cacerts keystore:

/usr/Spectrum/Java/bin/keytool -importkeystore -deststorepass changeit -destkeypass changeit -destkeystore /usr/Spectrum/custom/keystore/cacerts -srckeystore /usr/Spectrum/custom/keystore/server.p12 -srcstoretype PKCS12 -srcstorepass changeit -alias tomcatssl

5. Restart Tomcat and WebTomcat:

cd /usr/Spectrum

tomcat/bin/stopTomcat.sh; webtomcat/bin/stopWebTomcat.sh; tomcat/bin/startTomcat.sh; webtomcat/bin/startWebTomcat.sh