Orchestrator

2020.10

false

Getting started
- Introduction
- Logging in to Orchestrator
- Resetting Your Password
- Robots
  - Robot Statuses
  - Robot Settings
- Activities Feeds
Best practices
- Organization Modeling in Orchestrator
- Managing Large Deployments
- Automation Best Practices
Tenant
- About the Tenant Context
- Robots
- Folders
- About Users
- Roles
  - Default Roles
  - Managing Roles
- Machines
  - Managing Machines
- Packages
- Audit
- Credential Stores
- Webhooks
  - Types of Events
  - Managing Webhooks
- About Licensing
  - Activating Your License
  - Managing Your Licenses
- Alerts
  - Alert Emails
  - Setting Up Alert Emails
- Settings
Actions
- About Actions
- Managing Actions
Folders Context
- About the Folders Context
- Home
  - Overview
Automations
- About Automations
Processes
- About Processes
- Managing Processes
- About Recording
Jobs
- About Jobs
- Managing Jobs
- Job States
Triggers
- About Triggers
- Managing Triggers
- Using Cron Expressions
Logs
- About Logs
- Managing Logs in Orchestrator
- Logging Levels
- Orchestrator Logs
- Protecting Sensitive Information in Studio
Monitoring
- About Monitoring
- Machines
- Processes
- Queues
- Queues SLA
Queues
- About Queues and Transactions
- Managing Queues in Orchestrator
- Managing Queues in Studio
- Managing Transactions
  - Editing Transactions
  - Field Descriptions for the Transactions .csv File
- Review Requests
Assets
- About Assets
- Managing Assets in Orchestrator
- Managing Assets in Studio
Storage Buckets
- About Storage Buckets
  - CORS/CSP Configuration
- Managing Storage Buckets
- Moving Bucket Data Between Storage Providers
Test Suite - Orchestrator
- Test Cases
  - Field Descriptions for the Test Cases Page
- Test Sets
  - Field Descriptions for the Test Sets Page
- Test Executions
  - Field Descriptions for the Test Executions Page
- Test Schedules
  - Field Descriptions for the Test Schedules Page
- Test Data Queues
Action Catalogs
- About Action Catalogs
- Managing Action Catalogs
Profile
- About the Profile Page
- Managing Profile Settings
System Administrator
- About System Administrators
- Managing Tenants
- Field Descriptions for the Host Settings Page
- Maintenance Mode
Identity Server
- About Identity Server
- Identity Management Portal
- External Identity Providers
  - Field Descriptions for External Providers Page
- Installation Access Token
Authentication
- Configuring the Active Directory Integration
- Configuring SSO: SAML 2.0
  - ADFS Authentication
  - Google Authentication
  - OKTA Authentication
  - PingOne Authentication
  - Custom Mapping
  - Self-Signed Certificates
  - Private Key Certificates
- Configuring SSO: Google
- Configuring SSO: Azure Active Directory
- SmartCard Authentication
- Setting Up Auto Login for Users Under an Active Directory Group
- Configuring the SMTP Server
- Changing the Windows Authentication Protocol
Other Configurations
- Increasing the Size Limit of Package Files
- Opting Out of Telemetry
- Setting up Encryption Key Per Tenant
- GZIP Compression
Integrations
- About Input and Output Arguments
  - Example of Using Input and Output Arguments
Classic Robots
- Robots
- Environments
  - Managing Environments
- Jobs
- Triggers
- Monitoring
  - Robots
- Resources
Troubleshooting
- IE 11.0.9600.17031 Issues
- Frequently Encountered Orchestrator Errors
- Cron Expressions
- Upgrade Issues

Banner background image

OUT OF SUPPORT

Orchestrator User Guide

Last updated Dec 12, 2023

Self-Signed Certificates

Self-signed certificates are a way to secure your data by encrypting the SAML response when using single-sign on authentication. Below you can find an example of generating and using self-signed certificates in OKTA.

Generating a Self-Signed Certificate

There are multiple software applications which allow you to generate self-signed certificates, such as OpenSSL, MakeCert, IIS, Pluralsight or SelfSSL. For this example, we use MakeCert. In order to make a self-signed certificate with a private key, run the following commands from the Command Prompt:

makecert -r -pe -n “CN=UiPath” -e 01/01/2019 -sky exchange -sv makecert.pvk makecert.cer
C:\Program Files (x86)\Microsoft SDKs\Windows\v7.1A\Bin\pvk2pfx.exe” -pvk makecert.pvk -spc makecert.cer -pfx makecert.pfx

Add the Certificate to OKTA

Login to OKTA. The following setup is made in Classic UI view. You can change it from the drop-down on the top-right corner of the window.
On the Application tab, select your previously defined application.
On the General tab, in the SAML Settings section, click Edit.
On the Configure SAML tab, click Show Advanced Settings.
For the Assertion Encryption drop-down, select the Encrypted option.
The certificate is displayed in the Encryption Certificate field.

Set Orchestrator/Identity Server to Use the Certificate

Import the makecert.pfx certificate to the Windows certificate store using Microsoft Management Console. See here how to do that.
Make sure that the following configuration is present in Identity Server's SAML2 settings within the External Providers page (read here how to access Identity Server):
- In the Signing Certificate section, set Store name parameter to My from the drop-box.
- Set the Store locationparameter to LocalMachine.
- Set the Thumbprint parameter to the thumbprint value provided in the Windows certificate store. Details here.
Click Save to save the changes to the external identity provider settings.
Restart the IIS server after performing any configuration changes within Identity Server.

On this page

Generating a Self-Signed Certificate
Add the Certificate to OKTA
Set Orchestrator/Identity Server to Use the Certificate

Was this page helpful?

PREVIOUSCustom Mapping

NEXTPrivate Key Certificates

Support and Services

Get The Help You Need

Learning RPA - Automation Courses

UiPath Community Forum

Trust and Security

© 2005-2024 UiPath. All rights reserved.