How to update the WinRM SSL certificate on environments deployed in your subscription
For environments deployed in your subscription that are not managed by Microsoft, the WinRM SSL certificate will expire one year from the date the environment was deployed. If your WinRM SSL certificate has expired, you will see the following error message when rotating secrets using the Maintain > Rotate Secrets through Lifecycle Services.
You can also log in to the environment, type certmgr to open the Certificate Manager and navigate to Local Machine / Personal / Certificates to check the expiration date on the certificate. The certificate name will be the same as the name of the VM deployed.
To renew this certificate, follow the steps listed below:
- Navigate to Lifecycle Services.
- In the Shared Asset library, click the Model
- Download the Renew WinRM certificate folder.
- Extract the zip file to a local folder.
- Follow the steps in the README.txt
To confirm that the certificate was rotated correctly, log in to the environment, type certmgr to open the Certificate Manager and navigate to Local Machine / Personal / Certificates to check the expiration date on the certificate with the same name as the VM name.
