[GIC] Renew gic.wustl.edu certificates
-
David Osipov noticed that the web certificate for https://gic.wustl.edu was expiring today. We went through the process together to renew the certificate for another year
-
Create a certificate
logseq.order-list-type:: number
a. Go to Azure Portal's Key Vault (wusm-prod-kvcertificate section)
b. Enter into thegic-wustl-edu-2certificate section
c. Click on "New Version"
d. Use all the defaults, and press the "Create" button
e. Download the generated*.csrfile -
Request a SSL certificate from WUSTL IT
logseq.order-list-type:: number
a. go to the WUSTL IT Service Now Desk https://wustl.service-now.com/sp/
b. search for "ssl" in the search box
c. click on the "SSL Certificates" result
d. Enter:
i. Request Type:regular
ii. SSL certificate hosted by 3rd-party vendor:no
iii. ensure that the "Check this box to indicate that a valid CSR (see example) has been attached to this form" checkbox is enabled
iv. upload the*.csrfile generated in Phase 1
v. note the service now ticket link and number RITM0269842
vi. wait for WUSTL IT to respond should see an email like: "Enrollment Successful - Your SSL certificate for gic.wustl.edu is ready" -
Upload WUSTL signed certificate to Azure Key Vault
a. From the WUSTL IT email received in Phase 2, download the "Certificate (w/ chain), PEM encoded" option to your computer.
b. go to the gic-wustl-edu certificate section of azure key vault and press the "Certificate Operation" button
c. in the resulting dialog, press the "merge signed request" button, and upload the downloaded certificate from step a.
d. should be all done! according to Osipov, David we won't notice any changes until the app gateway refreshes with the new certificate. we don't know how long that takes. give it at least 24 hours before investigating further.