Re-generating keys

You can re-generate your SSL keys with a new passphrase.

This task presumes that you have already generated a set of SSL keys and now want to re-generate them with a different passphrase.

When generating key certificates, keep in mind that you cannot generate a new set of keys if a previous set already exists. If you attempt to do so, the generate_ssl_keys utility fails with this error message:
SSL key files already exist!

If you intend to re-push existing SSL config across your WLS cluster,
run again and add the --syncOnly flag

Exiting with error state!

In this case, you must use the following procedure.

To re-generate the SSL key certificates:

  1. Go to the $DOMAIN_HOME/<endeca_server_domain>/config/ssl directory (where endeca_server_domain is the name of your WebLogic domain for the Endeca Server).
    You can use a command prompt or Windows Explorer (on Windows).
  2. Delete all the certificate key files.
  3. Run the generate_ssl_keys utility, as documented in Creating SSL certificates.
    You will be specifying the new passphrase with the --sslPassphrase flag.
  4. Stop and then re-start the WebLogic Admin Server.

After the server re-starts, you will use the new passphrase when you run Endeca Server commands.