• The Java Key story file (trustedcerts.jks.) does not have the current server certificate details updated.
• The java Key store file (trustedcerts.jks.) just updated with current date of apply but NOT the server certificate which we have applied and we could see the previous year of apply in 2019 & 2021. Example as below:

Alias name: cn=xxxx,ou=xxxx,o=xxx,c=xxxx
Creation date: jul 5, 2023 (This part only updated)
Entry type: trustedCertEntry

Owner: xxxx, OU=xxxx, O=xxxx, C=xxx
Issuer: CN=xxx, OU=xxx, O=xxx, C=xxx
Valid from: Mon Oct 03 02:00:01 CEST 2016 until: Fri Oct 03 01:59:59 CEST 2036

We have Not applied the Root & Intermediate certificate as it is getting expired in 2036 so we didn’t apply it and please find the high level of steps which we have followed.

1. Created the Key & CSR file.
2. Stopped the SAS server and took the required back up.
3. Remove existing certificates using Deployment Manager (xxxxx-mid1.xxxx.xxx.cer)
4. From p7b file extracted the server certificate (xxxxx-mid1.xxxx.xxx.cer) alone and NOT the Root & Intermediate.( Location : /opt/sas/SASInstallFolder/SASSecurityCertificateFramework/1.1/cacerts/)
5. Adding new certificates via the Deployment Manager . update in the above location.
6. Verified and in the browser and also in the openssl x509 -in xxxx-mid1.xx.xx-noout -text. the Valid from changed to 2025.

Don't know why it is not updating in the trustedcerts.jks.

trustedcerts.pem - it as the details of root and intermediate.