Update SSL Certificate for TCM

Owned by Knowledge Assistant
Last updated: Oct 01, 2024 by Moriah Yorkey
1 min read
Description of Issue

SSL certificate for TCM has expired or needs to be updated

Context

  • Apache Tomcat

  • SSL Certificate

  • Tyler Content Manager (TCM)

  • TCM Certificate

Cause

Existing SSL certificate set to expire soon or has already expired

Resolution

  • Before starting, you will need a copy of the certificate as a .PFX along with the password

  • The TCM certificate conversion utility works best when the .PFX cert is placed on the desktop of the TCM server with a simple name such as cert20xx.pfx

  • .PFX file name cannot have any spaces

  1. Add .old to end of existing certificate file name in the Apache Certs directory (ex: D:\Apache Certs)

  2. Use the TCM Cert Utility to convert the .PFX certificate (with passphrase) into the .PEM format

    1. On the TCM Server, navigate to D:\Tyler Installs\CertUtil\CertUtility.exe

    2. Run CertUtility.exe as administrator

    3. Enter Cert Path: Current location of .PFX

    4. Enter Cert Destination: ApacheCerts folder

      1. ex: D:\ApacheCerts

    5. Enter Cert Password

    6. Click Create PEM

  3. Navigate to D:\ApacheCerts and rename the new .pem to match the previous cert’s name

  4. Open Windows Services and restart the Apache service(s)

    1. Please note: It may take a few minutes for Apache to fully start

  5. Open a browser and navigate to the TCM URL to verify that the certificate is now updated

Additional Information

If you do not have the CertUtility installed on your TCM server, please contact Tyler Systems Management Support or log a case via the Online Support Client Portal

Additional steps that may be needed: TCM Full Client certificate error using JLink - PKIX path building failed

Â