Issue with HTTPS Access to Axiom in Canary Historian (Lab vs. Prod)
We have both Lab and Production setups of the Canary Historian. In our Lab setup, HTTPS access to Axiom works correctly. However, in Production, it fails.
Upon investigation, we found that the self-signed certificate generated by the Prod Canary Historian is missing the "Subject Alternative Name" (SAN), whereas the Lab setup includes it.
We need to determine:
- Can Canary regenerate a self-signed certificate that includes the SAN field?
- If not, can we use a custom self-signed certificate, and if so, what is the correct process for installing and configuring it without impacting production?
Any guidance or official documentation on this would be greatly appreciated.
6 replies
-
Which version of canary/axiom are you on? And lab and prod the same version?
-
Hey Damon,
Thank you for your response.
Yes, both are at version 23.2.1.24029
-
You can regenerate a certificate by deleting the old one in the personal store and restarting the Admin service. When the service starts up, if it can't find the configured cert, it will create one.
-
You could try stopping ALL services, deleting the cert within the certificate store, then just restarting the Admin service to make sure it generates the cert. It will create a new cert based upon the information that is configured in the CanaryAdministrator.exe.admin file.
Print this page