Renew a certificate

Certificates expire after a pre-defined period. To minimize disruptions, Okta recommends renewing certificates before they expire.

Start the task

  1. Open the Advanced Server Access dashboard.
  2. In the user menu, click Team Settings.
  3. Go to the Passwordless Certificates tab.
  4. Clone an existing record.
    1. Identify the expiring certificate.
    2. Click gear icon > Clone.
    3. In the Create Certificate Signing Request window, enter a new name.
    4. Click Create Certificate Signing Request.
  5. Create a certificate. See Create a certificate with a certificate signing request.
  6. Distribute the certificate to AD servers. See Configure group policies for AD servers.
  7. Upload a new certificate.
    1. Identify the created certificate record.
    2. Click Gear icon. > Upload certificate.
    3. In the Upload Certificate window, click Browse files.
    4. In the file explorer window, locate the certificate file on your local device.
    5. In the Upload Certificate window, click Upload.

Related topics