Update the data protection settings for Identity Provider

When you set up the management server in a cluster, you must update the Identity Provider configuration data to make the data protection settings identical on both nodes.

You must have imported your certificate to the Personal store for the user running VideoOS IDP AppPool and given it Read permissions. If you use a self-signed certificate, you must add it to the Trusted Root Certificates Authorities store on your local computer.

To set up data protection and update the data protection keys for the user running the VideoOS IDP AppPool application pool:

  1. On Node 1, locate the appsettings.json file in the installation path of the Identity Provider ([Install path]\Milestone\XProtectManagement Server\IIS\IDP).

  2. In the DataProtectionSettings section, make the following changes:

    • To set up data protection, set the thumbprint of the certificate that's used by the IDP application pools and the Management Server service. See How to: Retrieve the Thumbprint of a Certificate.

    • To remove the old certificate key, set CleanUpNonCertificateKeys to true. 

    3. "DataProtectionSettings": {
  "ProtectKeysWithCertificate": {
    "Thumbprint": "" 
    "CleanUpNonCertificateKeys": true
  }
},

  1. Repeat steps 1-2 on Node 2.