Updated September 7, 2018
Fixed issues
This hotfix addresses the following issues:
- Generating SHA-256 instead of SHA1 certificates for Patch Manager.
- Creating tasks with Approval options that include month time units in the Update Management Wizard.
Modified files
This hotfix modifies several files on the Primary Application Server and Secondary Application Server. The following table lists the files that are modified in this hotfix and the paths to their corresponding directories. All DLL files are used by the EminentWareDataGrid Service.
Location |
Modified Files |
%ProgramFiles%\SolarWinds\Patch Manager\Server |
SolarWinds.Utilities.WSUS2012PlusCertManagement.exe
|
%ProgramFiles(x86)%\SolarWinds\
Orion\Information Service\2.0
%ProgramFiles%\SolarWinds\Patch
Manager\Server
%ProgramFiles%\SolarWinds\Patch
Manager\Console
|
ewcertmgmt.dll
EminentWare.Task.dll
These files are used to generate certificates for Patch Manager and WSUS servers.
The EminentWare.Task.dll file is used for creating tasks.
|
Download
You can download this hotfix from the Customer Portal.
Hotfix 2 is a cumulative release and requires Patch Manager version 2.1.5.6002 with Hotfix 1.
Installation instructions
Install this hotfix on the Primary Application Server and Secondary Application Server.
Perform steps 1 through 11 on all Patch Manager instances, and then complete the remaining steps.
SolarWinds strongly recommends that you only edit the files mentioned in this article as instructed. Any additional modifications to this file may result in system performance issues or create an error state.
- Open Services and stop the EminentWare Data Grid Server service.
- Open Orion Service Manager and stop all Orion services.
- Go to Manage Computer certificates and delete the EminentWare CA and EminentWare Server certificates from:
Trusted Root Certification Authorities\Certificates
- Navigate to your custom installation folder or the following directory:
%ProgramFiles%\SolarWinds\Patch Manager\Server
- Back up the following files to another location:
SolarWinds.Utilities.WSUS2012PlusCertManagement.exe
ewcertmgmt.dll
EminentWare.Task.dll
- Copy the ewcertmgmt.dll and the EminentWare.Task.dll files included with this hotfix to the following directories, overwriting the existing files:
%ProgramFiles(x86)%\SolarWinds\Orion\Information Service\2.0
%ProgramFiles%\SolarWinds\Patch Manager\Server
%ProgramFiles%\SolarWinds\Patch Manager\Console
- Copy the SolarWinds.Utilities.WSUS2012PlusCertManagement.exe file included with this hotfix to the following directory, overwriting the existing file:
%ProgramFiles%\SolarWinds\Patch Manager\Server
- Open Services and start the EminentWare Data Grid Server service.
- Open Orion Service Manager and start all Orion services.
- Navigate to:
ProgramFiles%\SolarWinds\Patch Manager\Server
- At the command prompt, execute:
setuphelper.exe /reprovisioncertificates
The EminentWare CA and EminentWare Server SHA-256 certificates are generated.
- Repeat steps 1 through 11 for any remaining Patch Manager instances.
- Generate new SHA-256 WSUS Publishers Self-signed certificates for the WSUS servers.
- On the WSUS machines Navigate to the following Registry location:
HKEY_LOCAL_MACHINE\Software\Microsoft\Update Services\Server\Setup\
- Create the following DWORD value if it does not exist:
EnableSelfSignedCertificates = 1
- Go to Manage Computer certificates and delete the WSUS Publishing Certificate and WSUS Publishers Self-signed certificates from:
WSUS\Certificates
- Open the Patch Manager Administrator Console.
- In the navigation panel, expand Enterprise > Update Services and select the WSUS server.
- In the Actions panel, click Software Publishing Certificate.
- Make sure that the certificate field is equal to "None" for all WSUS servers.
If a certificate exists, select Patch Manager in the navigation panel and click Reconnect in the Actions panel.
- In the navigation panel, expand Administration and Reporting and select Software Publishing.
- In the Actions panel, click Server Publishing Setup Wizard.
- In the wizard, click the drop-down menu and select your WSUS server.
- Choose Create self-signed certificate, and press Next.
The Self-signed certificate is created.
- Open the Server Publishing Setup Wizard.
- Select Distribute existing WSUS signing certificate to required servers.
- Complete the wizard to distribute the certificate.
Hotfix 2 is installed.
Uninstall the hotfix
Perform steps 1 through 10 on all Patch Manager instances, and then complete the
remaining steps.
- Open Services and stop the EminentWare Data Grid Server service.
- Open Orion Service Manager and stop all Orion services.
- Go to Manage Computer certificates and delete the EminentWare CA and EminentWare Server certificates from:
Trusted Root Certification Authorities\Certificates
- Locate the following backup files:
SolarWinds.Utilities.WSUS2012PlusCertManagement.exe
ewcertmgmt.dll
EminentWare.Task.dll
- Copy the ewcertmgmt.dll and the EminentWare.Task.dll backup files to the following directories, overwriting the existing file in each directory:
%ProgramFiles(x86)%\SolarWinds\Orion\Information Service\2.0
%ProgramFiles%\SolarWinds\Patch Manager\Server
%ProgramFiles%\SolarWinds\Patch Manager\Console
- Copy the SolarWinds.Utilities.WSUS2012PlusCertManagement.exe backup file to the following directory, overwriting the existing file:
%ProgramFiles%\SolarWinds\Patch Manager\Server
- Open Services and start the EminentWare Data Grid Server service.
- Open Orion Service Manager and start all Orion services.
- Navigate to:
%ProgramFiles%\SolarWinds\Patch Manager\Server
- At the command prompt, run:
setuphelper.exe /reprovisioncertificates
The EminentWare CA and EminentWare Server SHA1 certificates are generated.
- Repeat steps 1 through 10 for any remaining Patch Manager instances.
- Generate SHA1 WSUS Publishers Self-signed certificates for the WSUS servers.
- On the WSUS servers, go to Manage Computer certificates and delete the WSUS Publishing Certificate and WSUS Publishers Self-signed certificates from:
WSUS\Certificates
- Open the Patch Manager Administrator Console.
- In the navigation panel, expand Enterprise > Update Services and select the WSUS server.
- In the Actions panel, click Software Publishing Certificate.
-
Make sure that the certificate field is equal to "None" for all WSUS servers.
If a certificate exists, select Patch Manager in the navigation panel and click Reconnect in the Actions panel.
-
In the navigation panel, expand Administration and Reporting and select Software Publishing.
-
In the Actions panel, click Server Publishing Setup Wizard.
-
In the wizard, click the drop-down menu and select your WSUS server.
-
Choose Create self-signed certificate, and press Next.
The Self-signed certificate is created.
-
Open the Server Publishing Setup Wizard.
-
Select Distribute existing WSUS signing certificate to required servers.
-
Complete the wizard to distribute the certificate.
Hotfix 2 is uninstalled.
For assistance, contact SolarWinds Technical Support.