Replace/renew your SSL certificate in ConnectWise OnPrem

So, the time has come and your SSL certificate is about to expire in your ConnectWise (ScreenConnect) on prem solution.

I’m basing this article on this articles by ConnectWise: 1 , 2

1. Using CMD, verify which of the IPs of the server had a binded certificate to it using:

netsh http show sslcert

2. Delete all relevent ipport bindings:

netsh http delete sslcert ipport=0.0.0.0:443
netsh http delete sslcert ipport=x.x.x.x:443

3. To avoid any events in your Event Viewer logs (as follows), open certlm.msc > Computer > Personal and delete the old certificate that is about to expire:

4. ConnectWise, currently, doesn’t allow you to create a certificate request and sign it. You’ll have to use OpenSSL generate a key + CSR and bind it afterwards.

Once the certificate is ready, place it in the personal container under computer in certlm.msc

5. Copy the certificate’s Thumbprint:

Note that when you copy this string a question mark (?) is added to the beginning of it. Delete it.

6. Bind the thumbprint (certhash) to the network interface:

netsh http add sslcert ipport=0.0.0.0:443 certhash=d40b447472ce617d71ee9862a88eef2d2634bca8 appid="{00000000-0000-0000-0000-000000000000}"

Continue doing so for all IPs.

7. Restart the services or the server.