Orchestrator

2023.10

false

Getting started
- Introduction
- User options
- Logging in to Orchestrator
- Resetting your password
- Robots
  - Robot Statuses
  - Robot Settings
- Auto Updating Client Components
- Orchestrator Configuration Checklist
Best practices
- Organization Modeling in Orchestrator
- Managing Large Deployments
- Automation Best Practices
- Optimizing Unattended Infrastructure Using Machine Templates
- Unattended automation
- Organizing Resources With Tags
- Orchestrator Read-only Replica
- Exporting grids in the background
Tenant
- About the Tenant Context
- Searching for Resources in a Tenant
- Robots
- Folders
- Monitoring
- Managing Access and Automation Capabilities
- Machines
- Packages
- Audit
- Credential Stores
  - Managing credential stores
  - Integrating credential stores
- Webhooks
  - Types of Events
  - Managing Webhooks
- Alerts
- Settings - Tenant Level
Resource Catalog Service
- About Resource Catalog Service
Folders Context
- About the Folders Context
- Home
Automations
- About Automations
Processes
- About Processes
- Managing Processes
- Managing Package Requirements
- Recording
Jobs
- About Jobs
- Managing Jobs
- Job States
- Working With Long-running Workflows
- Running Personal Remote Automations
- Process Data Retention Policy
Triggers
- About triggers
  - Time triggers
  - Queue triggers
- Managing triggers
  - Creating a time trigger
  - Creating a queue trigger
- Managing Non-Working Days
- Using Cron Expressions
  - Triggering jobs on the last day of the month
Logs
- About Logs
- Managing Logs in Orchestrator
- Logging Levels
- Orchestrator Logs
Monitoring
- About Monitoring
- Machines
- Processes
- Queues
- Queues SLA
Queues
- About Queues and Transactions
- Bulk Uploading Queue Items Using a CSV File
- Managing Queues in Orchestrator
- Managing Queues in Studio
- Managing Transactions
  - Editing Transactions
  - Field Descriptions for the Transactions .csv File
- Review Requests
Assets
- About Assets
- Managing Assets in Orchestrator
- Managing Assets in Studio
- Storing Assets in Azure Key Vault (read-only)
- Storing Assets in HashiCorp Vault (read-only)
- Storing Assets in AWS Secrets Manager (read Only)
Storage Buckets
- About Storage Buckets
  - CORS/CSP Configuration
- Managing Storage Buckets
- Moving Bucket Data Between Storage Providers
Test Suite - Orchestrator
- Test Automation
- Test Cases
  - Field Descriptions for the Test Cases Page
- Test Sets
  - Field Descriptions for the Test Sets Page
- Test Executions
  - Field Descriptions for the Test Executions Page
- Test Schedules
  - Field Descriptions for the Test Schedules Page
- Test Data Queues
- Testing Data Retention Policy
Host administration
- Host Administration Portals
- Configuring System Email Notifications
- Managing System Administrators
- Managing Your Host License
  - Allocating Host Licenses to Tenants
  - Managing Your Licenses
- Orchestrator Host Settings
  - Tenant Settings - Host Level
  - Managing Tenants
- Host Authentication Settings
  - Re-configuring Authentication After Upgrade
- Host Audit Logs
- Customizing the Login Page
- Maintenance Mode
Identity Server
- About the UiPath Identity Server
Authentication
- Configuring the Active Directory Integration
- Configuring SSO: SAML 2.0
  - ADFS Authentication
  - Google Authentication
  - Okta Authentication
  - PingOne Authentication
  - Custom Mapping
  - Self-signed Certificates
  - Private Key Certificates
- Configuring SSO: Google
- Configuring SSO: Azure Active Directory
- SmartCard Authentication
Organization administration
- About Licensing
  - Activating Your License
- Accounts and Groups
  - Managing Accounts and Groups
  - FAQ
- Authorizing external applications
  - Managing external applications
  - Configuring fine-grained access for external apps
- Managing tags
- Audit Logs
- Overriding Authentication and Security
- Overriding System Email Settings
Other Configurations
- Increasing the Size Limit of Package Files
- Setting up Encryption Key Per Tenant
- GZIP Compression
Integrations
- About Input and Output Arguments
  - Example of Using Input and Output Arguments
Troubleshooting
- About Troubleshooting
- Frequently Encountered Orchestrator Errors
- Cron Expressions

Banner background image

Orchestrator User Guide

Last updated Apr 19, 2024

Self-signed Certificates

Self-signed certificates are a way to secure your data by encrypting the SAML response when using single-sign on authentication. Below you can find an example of generating and using self-signed certificates in OKTA.

Generating a Self-Signed Certificate

There are multiple software applications which allow you to generate self-signed certificates, such as OpenSSL, MakeCert, IIS, Pluralsight or SelfSSL. For this example, we use MakeCert. In order to make a self-signed certificate with a private key, run the following commands from the Command Prompt:

makecert -r -pe -n “CN=UiPath” -e 01/01/2019 -sky exchange -sv makecert.pvk makecert.cer
C:\Program Files (x86)\Microsoft SDKs\Windows\v7.1A\Bin\pvk2pfx.exe” -pvk makecert.pvk -spc makecert.cer -pfx makecert.pfx

Add the Certificate to Okta

Log in to Okta. The following setup is made in Classic UI view. You can change it from the drop-down on the top-right corner of the window.
On the Application tab, select your previously defined application.
On the General tab, in the SAML Settings section, click Edit.
On the Configure SAML tab, click Show Advanced Settings.
For the Assertion Encryption drop-down, select the Encrypted option.
The certificate is displayed in the Encryption Certificate field.

Set Orchestrator/Identity Server to Use the Certificate

Import the makecert.pfx certificate to the Windows certificate store using Microsoft Management Console. See here how to do that.
Log in to the host Management portal as a system administrator.
Click Security.

Note: If you are still using the old Admin experience, go to Users instead of Security.
Click Configure under SAML SSO:

The SAML SSO configuration page opens.
Under the Signing Certificate section, set the following:
- Store name - select My
- Store location - select LocalMachine
- Thumbprint - enter the thumbprint value you've previously prepared.
Click Save at the bottom to save you changes and close the panel.
Restart the IIS server.

On this page

Generating a Self-Signed Certificate
Add the Certificate to Okta
Set Orchestrator/Identity Server to Use the Certificate

Was this page helpful?

PREVIOUSCustom Mapping

NEXTPrivate Key Certificates

Support and Services

Get The Help You Need

Learning RPA - Automation Courses

UiPath Community Forum

Trust and Security

© 2005-2024 UiPath. All rights reserved.