When replacing the SSL certificate used by the ReadyWorks Server (RWS), it’s critical to follow a structured process to maintain service availability and secure connections. If you have the .crt (certificate) and .key (private key) files from your Certificate Authority (CA), you can proceed with the following steps.
✅ Pre-Requisites
- Ensure the .crt and .key files are valid and correctly signed by a trusted CA.
- Backup the current certificates before proceeding.
Step-by-Step Instructions
Locate the Current Certificate Files
- On your ReadyWorks host server, navigate to the certs directory, typically located at:
c:\readyworks/certs
- Identify the current certificate and key file names (commonly named server.crt and server.key, but this may vary based on your configuration).
Backup Existing Files
- Before making any changes, copy the existing .crt and .key file into a secure and easy to remember backup folder/location.
Deploy New Certificates
- Copy the new .crt and .key files into the certs directory
- Rename the new files to match the current filenames, replacing the original files
Restart the ReadyWorks Service
- Apply the changes by restarting the ReadyWorks service
- Open the ReadyWorks server and click restart next to apache
✅ Post-Replacement Checklist
- Access the ReadyWorks portal via HTTPS and confirm that the new certificate is presented.
- Check the certificate details (issuer, expiration, etc.) in the browser to ensure correctness.
- Optionally, use tools like openssl s_client or curl -v to validate the certificate at the command line.
📌 Additional Recommendations
- Schedule certificate replacements during maintenance windows to minimize service impact.
- Set calendar reminders or monitoring alerts for upcoming certificate expirations.
- Maintain a version history of all deployed certificates for auditing purposes.