Patch Manager uses a 2048-bit security certificate to encrypt all communications between Patch Manager servers and the console sessions.
A single SolarWinds Patch Manager server includes at least two certificates:
- Certificate installed on the Primary Application Server (PAS) for the certificate authority (CA)
- Certificate for each server installation (which includes the PAS)
When Patch Manager revokes a certificate, it indicates this action at the beginning of the certificate name. This process occurs when you replace a certificate or uninstall a Patch Manager server. In these cases, you can delete the revoked certificate.
Delete a Patch Manager certificate
- Log in to the Patch Manager Admin Console as an administrator.
In the navigation pane, expand Patch Manager Server System Configuration and select Security and User Management.
In the center pane, click the Server Certificates tab.
- Select the certificate you want to delete.
- In the Actions pane, click Delete.
When prompted, click Yes.
The certificate is deleted.
Deploy a Patch Manager certificate using Group Policy
You can deploy a certificate to multiple computers by using the Active Directory Domain Services and Group Policy Object (GPO). This procedure is useful each time a certificate needs to be pushed to clients. For example, you can use this procedure to push a WSUS self-signed or CA-signed certificate to all of your clients before they can trust the published third party packages.
See Deploy certificates using Group policy for details.