There maybe instances where administrator wanted to replace default certificate presented by Management-Center to manage devices or UI (8082).
This article discuss creating a self-signed certificate in management center.
If intent is to create/import a Management Center certificate signed by your internal PKI, refer to article 184735 .
Management Center running 3.x and later
Component: Certificate.
Regenerate a new self signed certificate
mc14# ssl regenerate certificate default subject C=US,ST=CA,O=Symantec,CN=mc14.example.com alternative-names 192.168.100.20
A certificate already exists for keyring default. Would you like to replace it? (yes/no) [no]: yes
ok
To view the newly self-signed certificate:
mc14# ssl view keyring default
Keyring ID: default
Private key showability: show
Key type: RSA
Key size: 2048 bits
Signing request: present
Certificate: present
Certificate subject: C=US,ST=CA,O=Symantec,CN=mc14.example.com
Subject alternative name: IP Address:192.168.100.20
Certificate issuer: C=US,ST=CA,O=Symantec,CN=mc14.example.com
Certificate valid from: Mar 30 16:36:51 2023 GMT
Certificate valid to: Mar 30 16:36:51 2025 GMT
Certificate thumbprint: 1B:F7:42:E3:63:90:6A:C3:DE:51:13:9B:BF:99:D0:E3:42:16:CD:59
mc14#
Optional:
Prior regenerating the default certificate, you could backup current certificate information:
E.g.
1. Backup current subject info by view keyring default command, save output Certificate subject:
mc14# ssl view keyring default
Keyring ID: default
Certificate subject: C=US,ST=CA,L=Mountain View,O=Symantec Management Center,OU=002669XXXX,CN=host or fqdn <--
Subject alternative name: IP Address:XXX.XXX.XXX.XXX
Note: Here OU=002669XXXX means the Organizational unit and CN=XXX.XXX.XXX.XXX is the command name which can be your IP address, host or fqdn.
2. Backup certificate default
mc14# ssl view certificate default
save output "BEGIN CERTIFICATE" to "END CERTIFICATE"
-----BEGIN CERTIFICATE-----
MIID9jCCAt6gAwIBAgIJAMvulXSL+dYhMA0GCSqGSIb3DQEBCwUAMHsxCzAJBgNV
1xtvWSUUNfN3gMNFaA+7
-----END CERTIFICATE-----
3. Backup the private key for default.
mc14# ssl view keypair default
Save output "BEGIN PRIVATE KEY" to "END PRIVATE KEY"
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCinvzRzXNny9Hb
0m8i1L6HYDZ//H9ojCfxEnqDPA==
-----END PRIVATE KEY-----