How to Renew the ICG Certificate

You can renew your IGEL Cloud Gateway (ICG) certificate using the ICG Keystore Update Wizard. The ICG Keystore Update Wizard simplifies the upload of a new keystore to the ICG server.

Prerequisites

• UMS 5.09.100 or higher

• An ICG keystore you wish to update

• SSH root access to the host running the ICG; as of UMS 5.09.110, it is sufficient for the SSH user to have sudo privileges

Instructions

To update a keystore, proceed as follows:

1. Start the UMS Console.
   

2. Go to UMS Administration > Global Configuration > Certificate Management > Cloud Gateway.
   

3. If your signed certificate has expired, create a new signed certificate:

   1. Select the appropriate root certificate, open the context menu and select Create signed certificate.

   2. Enter the required data and click OK.
      

4. Select the signed certificate that is to be used. If you omit this step, an error message will be shown in the next step.
   

5. Go to UMS Administration > UMS Network > IGEL Cloud Gateway.
   

6. In the toolbar in the upper right, click

   
   The Keystore Update wizard opens.
   

7. Select the keystore you want transfer to the ICG server, then click Next.
   

8. Enter the SSH connection parameters:

   • SSH host: The host the ICG is running on (Default: localhost)

   • SSH port: SSH port (Default: 22)

     

     The SSH user must have root access.

     UMS 5.09.110 and higher: It is sufficient for the SSH user to have sudo privileges.

     

     Root access to the SSH server is a security risk!

     Make sure you disable root access to the SSH server when the keystore updating process has finished.

   • SSH user: SSH user

   • SSH password: SSH user password
     

9. Click Next to start the update process.
   The keystore is being updated.
   

10. Click Finish.