HPE/Aruba-OS Switch - Certificate Used By HTTP-SSL Application Is Expired

By esupport posted Jul 22, 2020 10:52 AM

  
Q:

The switch is showing the following message in the event log:

W 07/10/20 12:11:39 03425 crypto: Certificate used by http-ssl application is expired.



A:

The switch is showing the following message in the event log:
W 07/10/20 12:11:39 03425 crypto: Certificate used by http-ssl application is expired.

This is caused by an expired SSL certificate, which is used for HTTPS access to the switch.
To resolve this issue, you will need to remove the expired certificate and install a new certificate with a valid expiration date.

When using a self-signed certificate, generated by the switch, use the following commands:

crypto pki zeroize
crypto pki enroll-self-signed certificate-name <cert-name> valid-start <mm/dd/yyyy> valid-end <mm/dd/yyyy> subject common-name <name>

The "crypto pki zeroize" command removes the expired certificate from the switch.
The "crypto pki enroll-self-signed..." command generates and installs a new certificate with the start and end expiration dates you specify.

*Note:  If you do not include the "valid-start" and "valid-end" options when generating the new certificate, the certificate defaults to 1 year before it expires.

0 comments
0 views