Generate and download the CSR to get it signed by your chosen Certificate Authority (CA).
Ensure the signed certificate is in PEM format (Base-64 encoded X.509 - CER).
Navigate to the System > Certificate Management page in ZPC and the Import Certificate tab and select the Signed Certificate option.
SSH into the ZIRO machine and log in using the s8admin account, then select Restart Web Server from the menu.
Log back into ZPC from your browser and confirm the certificate has been successfully imported by checking the validity period.

Renewing an Existing Signed Certificate

Note

Warning - SAML SSO configuration changes required when renewing SSL certificate

Updating the ZIRO SSL certificate will break the existing SAML Single Sign-On functionality setup for ZIRO and will require adjustments to your Identity Provider (IdP) configuration.

Once a new SSL certificate is uploaded, users will be unable to sign in using SSO until you export the new Service Provider (SP) Metadata from the SAML Single Sign-On page and use it to adjust the Relying Party Trust configuration for ZIRO in your Identity Provider (IdP) configuration.

For more detailed steps, refer to the walkthrough guide Setting Up SSO for ZPC with ADFS.

View the expiry date of your certificate by navigating to System Health > System Health Status page.
View your current certificate details by accessing the certificate viewer in your browser while on the ZPC website.

...

Version	Old Version 13	New Version 14
Changes made by	Sean McDade	Sean McDade
Saved on	Dec 26, 2023	Dec 26, 2023

Versions Compared

Key

Renewing an Existing Signed Certificate

Page Comparison

Versions Compared

Key

Renewing an Existing Signed Certificate