Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1903
Views
0
Helpful
7
Replies

How to check DNAC SSL Certificate in CLI

MohanKumar30269
Level 1
Level 1

‎10-04-2023 07:03 PM

Hello All,

How to check the DNAC SSL Certificate expiry date via CLI Command?

 

Regards,

Mohan Kumar

Labels:
0 Helpful
7 Replies 7

MohanKumar30269
Level 1
Level 1
In response to balaji.bandi

‎10-04-2023 09:17 PM

Thank you for your reply, Balaji. I'm looking for a CLI Command to view the certificate details so that we can automate using the NetBrain tool to run this command every month and send us the report to track of the expiry date.
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to MohanKumar30269

‎10-05-2023 07:56 PM

Cisco point of view CLI OLD fashion, better look API.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

alisha_rascon01
Level 1
Level 1

‎10-27-2023 11:20 PM - edited ‎12-04-2023 09:15 PM

To check the expiration date of the SSL certificate on a Cisco DNA Center (DNAC) appliance using the Command Line Interface (CLI), you can follow these steps:

1. Access the DNAC appliance via SSH or console cable.

2. Log in to the DNAC CLI with appropriate credentials.

3. Once you're logged in, you can use the following command to check the SSL certificate expiration date:

show crypto pki certificates <certificate-name>

Replace <certificate-name> with the actual name of the certificate you want to check. If you're not sure of the certificate name, you can use the following command to list all certificates:

show crypto pki certificates

Look for the certificate entry that corresponds to the DNAC's SSL certificate and note the "Valid from" and "Valid until" dates. The "Valid until" date is the certificate's expiration date.

Here's an example of what the output might look like:

Certificate
Status: Available
Certificate Serial Number: <serial-number>
Certificate Usage: General Purpose
Issuer: CN=Example CA
Subject: CN=dnac.example.com
Valid from: <start-date>
Valid until: <expiry-date>
Fingerprint: <fingerprint>

In the example above, you would be interested in the "Valid until" date, which indicates when the SSL certificate will expire.

Keep in mind that you may need administrative privileges to access this information, and it's essential to regularly check and renew SSL certificates before they expire to ensure secure communication with your DNAC appliance.

0 Helpful

rehmatbibi791
Level 1
Level 1

‎10-31-2023 01:17 AM - edited ‎11-02-2023 02:45 AM

To check the SSL certificate expiry date for Cisco DNA Center (DNAC) via CLI, use the command "show platform software security certificate detail." This command provides detailed information about the SSL certificate, including its validity and expiry date. Look for the "Valid From" and "Valid To" fields in the output to determine the certificate's start and expiry dates, allowing you to monitor and ensure the certificate's validity and a renewal as needed.

0 Helpful

MohanKumar30269
Level 1
Level 1
In response to rehmatbibi791

‎11-02-2023 03:14 PM

Thanks for your reply, but it says unknown command! Do I have any other mode available? It looks like taking very limited commands and those are Linux-based.
[cid:image001.png@01DA0DAE.F21FECA0]
0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to MohanKumar30269

‎11-20-2023 10:49 PM

 

@rehmatbibi791 are spammers, responses are bot-generated and are not necessarily correct.

 

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card