Update SSL Certificate on Data Tier
-----------------------------------

The following provides the procedures for updating the SSL Certification.

1. Replace the following two files on all the servers hosting HAWK-API and HAWK-iek (UX):

``user@host#: /etc/pki/tls/certs/localhost.crt``

``user@host#: /etc/pki/tls/private/localhost.key``

2. Make sure the correct permissions are set.

``user@host#: chmod 600 /etc/pki/tls/certs/localhost.crt``

``user@host#: chmod 600 /etc/pki/tls/private/localhost.key``

3. Restart the following services.

``user@host#: service nginx restart``
``user@host#: service httpd restart``

4. On the HAWK engines, edit the hawk-analyticsd.cfg, hawk-pulsed.cfg, and hawk-eventd.cfg files located in /opt/hawk/etc/:

.. code:: 

 # SSL Configuration
 # Toggle SSL Peer Verification. Set to False if using a self-signed SSL certificate.
 HTTPSSLVerifyPeer="True"
 HTTPSSLVerifyHost="True"

5. Restart the HAWK engine services:

``user@host#: service hawk-analyticsd restart``
``user@host#: service hawk-pulsed restart``
``user@host#: service hawk-eventd restart``

6. On the Data Tier, edit hawk-msgd.cfg and hawk-reports.cfg files located in /opt/hawk/etc/:

``insecure = false``

7. on the Data Tier, edit hawk-producerd.cfg file located in /opt/hawk/etc/:

.. code:: 

 # SSL Configuration
 # Toggle SSL Peer Verification. Set to False if using a self-signed SSL certificate.
 HTTPSSLVerifyPeer="True"
 HTTPSSLVerifyHost="True"


8. Go to the HAWK eyeCon UX and test that the correct SSL certificate is being used.