question

MercuryZ avatar image
0 Votes"
MercuryZ asked MercuryZ commented

ATAGateway Certificates in Domain Controllers?

Hi

I recently found 2 certificates in my DC's personal certificate store, 1 expired a few years ago and one is about to expire. They are self signed by ATAGateway and also have ATAGateway as their friendly name.

I guess ATA automatically creates these certificates when I install a lightweight gateway on my DCs but my questions are :

Can I delete the expired one?
Will the gateway automatically create a new cert when the 2nd one expires?
I have certificate monitors alerting me when a certificate is about to expire, is there a way to manually make ATA re-create a certificate so I can just have a new one that isn't about to expire?

windows-serverems-advanced-threat-analytics
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi,

Thanks for your posting.

Would you mind to help to confirm whether the certificate on the ATA Center is also going to expire or not? It is useful to provide a screenshot. Please note that cover your personal information while provide any screenshot on this forum.

Regards,
Rita

0 Votes 0 ·

Hi

Thanks, I'll be waiting for your response

0 Votes 0 ·
EliOfek-7626 avatar image
1 Vote"
EliOfek-7626 answered MercuryZ commented

You can safely delete the expired ones.
The Gateway will auto create a new certificate once less than 30 days are left for the existing one.

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks Eli!

ATA is a great piece of software and we need it to stay on-prem for offline environments!

1 Vote 1 ·

Thanks for sharing on this forum. Have a nice day.
@EliOfek-7626

0 Votes 0 ·
RitaHu-MSFT avatar image
0 Votes"
RitaHu-MSFT answered RitaHu-MSFT edited

Hi MercuryZ,

Thanks for your reply.

Have you checked ahether the certificate of ATA Center is about to expire or not? If yes, please refer to the below link to create a new certificate and replace the old one.
https://docs.microsoft.com/en-us/advanced-threat-analytics/modifying-ata-center-configuration

According to the above link, the ATA Center service will activate the new certificate and the ATA Gateway will connect to the ATA Center using the new certificate.

Hope the above will be helpful.

Regards,
Rita


If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MercuryZ avatar image
0 Votes"
MercuryZ answered RitaHu-MSFT commented

The certificate the article refers is the certificate used by the ATA Center and the web access. This is a certificate I created and know of.

I'm speaking of certificates I found in my DC's store, they seem self signed by ATA and I never knew of their existence until my monitor for expired certificates showed them.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Would you mind provide a screenshot for reference? Please note that cover your personal information.

Thanks for your cooperation. Have a nice day.

Regards,
Rita

0 Votes 0 ·