How can we help?

Can I import my existing Netsweeper certificates into my new el8 server?


This article will walk you through the process of importing your certificates into your new el8 Netsweeper deployment.

When upgrading to the el8 version of Netsweeper 7 and above, you do not need to push out another decryption certificate to end-use devices, or deploy a new WebAdmin certificate.  You can use this guide to import the existing certificates from your el6-based deployment.

The first step is to gather what you need from your current deployment.  For decryption, you will need the CA certificate and its key.  For securing the WebAdmin, you will need the Apache certificate and its key.

To find the certificates, log into your WebAdmin server via SSH, and elevate your permissions to the root user.

To export the certificate and key for authorizing decryption requests:

  • navigate to /usr/local/netsweeper/etc/
  • copy the certificate file (ca.crt) and key file (ca.key) to your /home/admin/ folder.

To export the certificate and key for securing the WebAdmin:

  • navigate to /etc/pki/tls/
  • copy the certificate file (localhost.cert) and its key file (localhost.key) to the /home/admin/ folder.

You can now retrieve the files with an SCP application and then use the same application to import them into the /home/admin/ directory of your new WebAdmin Server.

Once they are imported, simply copy or move the files back into their respective places in the new directory, which will overwrite the existing files.  This allows you to upgrade your deployment to the newer el8 platform without needing to redeploy new certificates to all your end-user devices.

NOTE: for more information on the el6 and el8 versions of Netsweeper, please see our Netsweeper and End-of-Life Support for el6 blog post, or reach out to Netsweeper Support by emailing

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request