Skip to content

Certificate Renewal for TLS

The following article shows how to manually and automatically renew a X.509 certificate used for TLS in Board Connector.

Warning

Expired Certificate.
The Cryptographic key pair associated with the certificate is no longer valid and this may cause security risks. Always use a valid certificate. To access the Designer after a certificate has expired, delete the tls.json file in the Board Connector installation directory (C:\Program Files\BOARDConnector\config\servers\) and restart the Board Connector service. This resets all TLS settings in Board Connector, including the certificate selection.

Renewal with New Key

To renew a certificate with new key:

  1. Before the old certificate expires, install a new certificate on the server machine.
  2. Open the Board Connector Designer and reference the new certificate, see Install an X.509 Certificate.
  3. Delete the old certificate from the Microsoft Certificate Store.

Renewal with the Same Key"

To renew a certificate with the same key as before:

  1. Block external access to the Board Connector server using the firewall.
  2. Open the Board Connector Designer and navigate to Settings > Server.
  3. In the Web Server tab, select the protocol HTTP - Unrestricted to disable TLS.
  4. Click [OK] to save the settings. When prompted to restart the service, click [OK] again.
  5. Renew the certificate with the same key using Windows AD Certificate Services.
  6. Open the Board Connector Designer and enable TLS with the new certificate, see Activate TLS Encryption.
  7. Click [OK] to save the settings. When prompted to restart the service, click [OK] again.
  8. Allow external access to the Board Connector server using the firewall.

Note

If you use TLS encryption for the communication with the Board Connector Designer, make sure to also reference the new certificate in the Configuration Server tab of the server settings.

Last update: June 28, 2025
Written by: Valerie Schipka