Renewing OAuth Certificates
Hello fellow Aras developers, Here's another niche topic I recently had to tackle: renewing OAuth certificates. If you've been applying Aras patches (upgrade packages) over the years, your OAuth certificates are likely outdated. They expire every few years depending on your configuration and need renewal. I found several instructions online for manually replacing certificates, but they consistently resulted in: Authentication errors on sign-in ANCM Out-Of-Process Startup Failure After multiple attempts working with Aras Support, I took a different approach: Downloaded the out-of-the-box installer for our version (Release 36) and ran it on our production environment. Yes, even though the upgraded Release 36 was already installed. Selected 'Custom Installation' and chose ONLY the OAuth module. This generated a clean OAuth folder with a fresh set of certificates. Copied (overwrite) all the certificates (CTRL + A) into these directories (probably overkill, but redundant certs are harmless and it makes the process much faster): OAuthServer\App_Data\Certificates\ Innovator\Server\App_Data\Certificates\ Innovator\Client\App_Data\Certificates\ SelfServiceReporting\App_Data\Certificates\ VaultServer\App_Data\Certificates\ Updated the OAuth.config file in \OAuthServer\ with our internal production endpoint. iisreset (from command prompt as Administrator) Note: If you run the installer on a machine that already hosts an existing Aras instance, make sure to run changeguid.exe on the innovatorsetup.msi first to avoid impacting the current installation. Done! Please let me know if this helped and/or how I can improve this post. Let's make it a community effort to have up-to-date information for all of us.