Ask Me About Webinar: Data Center Assets - Modeling, Cooling, and CFD Simulation
Join our 30-minute expert session on July 10, 2025 (9:00 AM & 5:00 PM CET), to explore Digital Twins, cooling simulations, and IT infrastructure modeling. Learn how to boost resiliency and plan power capacity effectively. Register now to secure your spot!
Troubleshooting
How to troubleshoot and solve issues configuring the EcoStruxure IT Gateway
EcoStruxure IT Support
Submit a support request for additional assistance with EcoStruxure IT software.
Link copied. Please paste this link to share this article on your social media post.
Last Updated:
rich.pinegar
2025-06-17
07:30 AM
These instructions apply to EcoStruxure IT Gateway 2.0 and newer.
For older versions of the Gateway, the installation directory file path is: C:\Program Files\EcoStruxureITGateway\<current Gateway install version>\gateway\conf...
Contact support for information about Gateway versions older than 1.16. |
IMPORTANT: An imported SSL certificate signed by a trusted certificate authority or a CA certificate imported to the keystore will not persist through an EcoStruxure IT Gateway update.
You must import the certificate again after you update your Gateway software.
These command examples are formatted for use in the Windows command prompt.
Using PowerShell requires using single quotes instead of the double quotes displayed below.
EcoStruxure IT Gateway stores the user interface SSL certificates in two Java keystore files in the C:\Program Files\EcoStruxureITGateway\<current Gateway install version>\conf\keystore\ directory:
dcos.keystore (PrivateKeyEntry)
dcos.truststore (trustedCertEntry)
Open File Explorer and navigate to:
C:\Program Files\EcoStruxureITGateway\<current Gateway install version>\conf\keystore\
Rename the existing dcos.keystore and dcos.truststore
The first value (CN) must match the hostname or FQDN (Fully Qualified Domain Name) of the server where EcoStruxure IT Gateway is installed
"C:\Program Files\EcoStruxureITGateway\<current Gateway install version>\jre\bin\keytool.exe" -certreq -alias dcos -keystore dcos.keystore -file newGWcert.csr
Copy the root CA certificate (we will call this rootca.crt) and newGWcert.crt to the server where EcoStruxure IT Gateway is installed.
Open a command prompt and change the directory to C:\Program Files\EcoStruxureITGateway\<current Gateway install version>\conf\keystore
Import the root CA certificate by typing the following command (this will create a new dcos.truststore and import the root certificate in that trust store):
“C:\Program Files\EcoStruxureITGateway\<current Gateway install version>\jre\bin\keytool.exe" -importCert -trustcacerts -alias root -keyalg RSA -file rootca.crt -keystore dcos.truststore
EcoStruxure IT Gateway stores the user interface SSL certificates in two Java keystore files in the /opt/EcoStruxureITGateway/<current Gateway install version>/conf/keystore directory:
dcos.keystore (PrivateKeyEntry)
dcos.truststore (trustedCertEntry)
Note: All commands must be run as sudo
Create a new keystore for the trusted SSL certificate
Create a certificate signing request (CSR) and new SSL certificate signed by a trusted CA
Import the Root certificate and Web Server SSL certificate to the EcoStruxure IT Gateway keystore
Link copied. Please paste this link to share this article on your social media post.
Hello,
I would recommend under the Create a new keystore for the trusted SSL certificate for Step 4 to add argument '-validity 365' or any number, to set the number of days the certificate will be valid for, otherwise the default will be 3 months' time.
ex:
'/opt/EcoStruxureITGateway/<current Gateway install version>/jre/bin/keytool' -genkey -alias dcos -keyalg RSA -keystore dcos.keystore -keysize 2048 -validity 365
Hello,
I'm struggeliung now with this instruction to setup a EcoStruxure IT Gateway for almost a week. But got is solved. Could you please review on the points below and advise?
My findings in short:
keytool error: java.lang.Exception: Failed to establish chain from reply
Solution to establish the chain:
Many thanks and happy about a response
All this is useless.
After gateway update our certs are replaced with self signed certs agan!!!!!
Our development team notices the same exact problem as what wavecoma's comment says. The linux procedure needs to be reviewed to reflect any new changes to the directory when there's a new gateway version.
Create your free account or log in to subscribe to the board - and gain access to more than 10,000+ support articles along with insights from experts and peers.
With achievable small steps, users progress and continually feel satisfaction in task accomplishment.
Usetiful Onboarding Checklist remembers the progress of every user, allowing them to take bite-sized journeys and continue where they left.
of