Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2511
Views
30
Helpful
2
Replies

Key ring Expiration

Go to solution
SDavidson15
Level 1
Level 1

‎12-11-2015 09:09 AM - edited ‎03-01-2019 12:30 PM

Hey everyone,

I posted earlier on a license issue I also have a Key Ring expiration in my critical errors, will this effect my environment?

Regards,

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Qiese Dides
Cisco Employee
Cisco Employee

‎12-11-2015 10:11 AM

Here is some Cisco documentation providing information regarding the fault that you are
experiencing:

http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/cli/config/guide/2-0/b_UCSM_

CLI_Configuration_Guide_2_0/b_UCSM_CLI_Configuration_Guide_2_0_chapter_0110.html#task_7052

CA63F06F49D29F58D6BA1CF99993

The key ring certificate will expire annually or whenever the cluster name changes. As you
have stated, you have made no recent upgrades, so this is probably just letting you know
you need to renew the certificate.

The 4 commands listed in that document will resolve the default keyring invalid error.
The following example regenerates the default key ring:

UCS-A# scope security

UCS-A /security # scope keyring default

UCS-A /security/keyring* # set regenerate yes

UCS-A /security/keyring* # commit-buffer

UCS-A /security/keyring #

This is non-disruptive and once it is completed the error will be resolved.

Regards,

Qiese Dides

View solution in original post

2 Replies 2

Go to solution
Wes Austin
Cisco Employee
Cisco Employee

‎12-11-2015 09:32 AM

See here:

https://supportforums.cisco.com/discussion/11601616/default-keyrings-certificate-invalid

This will have no impact whether you regenerate the keyring or not. If you choose to regenerate, you will be kicked out of UCSM temporarily while the keyring is regenerated and then the error will clear shortly after.

Let me know if you have further questions.

HTH,

Wes

Go to solution
Qiese Dides
Cisco Employee
Cisco Employee

‎12-11-2015 10:11 AM

Here is some Cisco documentation providing information regarding the fault that you are
experiencing:

http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/cli/config/guide/2-0/b_UCSM_

CLI_Configuration_Guide_2_0/b_UCSM_CLI_Configuration_Guide_2_0_chapter_0110.html#task_7052

CA63F06F49D29F58D6BA1CF99993

The key ring certificate will expire annually or whenever the cluster name changes. As you
have stated, you have made no recent upgrades, so this is probably just letting you know
you need to renew the certificate.

The 4 commands listed in that document will resolve the default keyring invalid error.
The following example regenerates the default key ring:

UCS-A# scope security

UCS-A /security # scope keyring default

UCS-A /security/keyring* # set regenerate yes

UCS-A /security/keyring* # commit-buffer

UCS-A /security/keyring #

This is non-disruptive and once it is completed the error will be resolved.

Regards,

Qiese Dides

Customers Also Viewed These Support Documents

Review Cisco Networking products for a $25 gift card