Upgrade with Default TLS

Required User Role: Administrator on the local machine

This process upgrades the following Tenable Identity Exposure components in default TLS mode without peer verification and with self-signed certificates.

At each upgrade, Tenable Identity Exposure generates a new self-signed certificate. The validity period for the certificate is 3650 days. After the installation or upgrade, the certificates are located at C:\Tenable\Tenable.ad\DefaultPKI\Certificates.

Note: You can change this default TLS option at a later date if you wish and upload your own certificates.

Order of Upgrade

Upgrade the components in the following order:

  1. Directory Listener

  2. Security Engine Node

  3. Storage Manager
Caution: For the installation or upgrade to work, you must run the installer as a local user or a domain user who is a member of the Local Administrators group.
Note: Restart your machine before each upgrade.

After you upgrade the components, restart the machines in the following order:

  1. Storage Manager

  2. Security Engine Node

  3. Directory Listener

See also