Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
467
Views
0
Helpful
1
Replies

Update Web Certificate in UCSM 4.2(3i)

DTAG_Sistemas_Unix
Level 1
Level 1

‎04-10-2025 04:48 AM

Hello,

We'd like to update the web certificate in UCSM plattform.

We have 4.2(3i) version.

Thank you very much and kind regards.

Labels:
0 Helpful
1 Reply 1

wajidhassan
Level 4
Level 4

‎07-03-2025 08:38 AM

To update the web (HTTPS) certificate on your Cisco UCS Manager (UCSM) platform running version 4.2(3i), you’ll follow a process to generate a Certificate Signing Request (CSR) or directly upload a new certificate and private key, depending on your certificate authority (CA) setup.

Here’s a step-by-step guide:

Step-by-Step: Updating the Web Certificate on UCSM 4.2(3i)
1. Access UCSM via GUI or CLI
Open UCS Manager GUI in a browser or SSH into a Fabric Interconnect for CLI access.

Use the Admin tab for certificate-related operations.

2. Go to Key Management Section
In UCSM GUI:

Navigate to:
Admin → Key Management

Select:

Default Key Ring

Or create a new custom key ring if needed.

3. Generate a CSR (if using external CA)
If you want to use a certificate signed by an external CA:

Click Generate Certificate Request (CSR)

Fill in:

Common Name (FQDN of UCSM)

Organization, Country, etc.

Copy the generated CSR and submit it to your CA.

After receiving the signed certificate from the CA, import it back into UCSM:

Choose the Key Ring used when CSR was created

Click Import Certificate

4. Alternatively: Upload Web Certificate & Private Key (PEM)
If you already have a private key and certificate (e.g. from an internal CA):

Convert the certificate and key into PEM format if needed.

Go to:

Admin → Communication Services → HTTPS

Click Import Certificate

Upload:

Server Certificate (.pem)

Private Key (.pem)

Make sure the private key is unencrypted (no passphrase), or UCSM won’t accept it.

5. Apply and Save
After importing, click Save Changes

Restart the HTTPS service (or reboot UCSM if required) for the new certificate to take effect.

6. Verify
Open UCSM in a browser and check the new HTTPS certificate

Ensure it matches the domain and is trusted

Tips
Backup existing certificate before replacing it.

UCSM does not support wildcard certificates in some versions.

Ensure the FQDN used in the certificate matches the UCS Manager access URL.

If accessing UCSM through IP but cert is FQDN-based, browsers will still show a mismatch warning unless you update your DNS or hosts file.

0 Helpful
Customers Also Viewed These Support Documents