https://community.extremenetworks.com/t5/extremeswitching-exos-switch/self-signed-certificate-expiration-for-https/m-p/56761#M16673 Thanks for clarifying! Mon, 04 Jun 2018 18:46:00 GMT Eric_Burke 2018-06-04T18:46:00Z https://community.extremenetworks.com/t5/extremeswitching-exos-switch/self-signed-certificate-expiration-for-https/m-p/56757#M16669 Good morning! Using a self-signed cert for use with HTTPS and noticed that the expiration is automatically 1 year from the date of creation. Does anyone know if there is a way to change the expiration date to something longer (maybe 5 years)? Here's what I'm using:<BR /> <BR /> conf ssl certificate privkeylen 2048 country US organization "Our Company Name" common-name w-core-sw2.company.local<BR /> <BR /> Thanks,<BR /> Eric Sun, 03 Jun 2018 19:39:00 GMT https://community.extremenetworks.com/t5/extremeswitching-exos-switch/self-signed-certificate-expiration-for-https/m-p/56757#M16669 Eric_Burke 2018-06-03T19:39:00Z https://community.extremenetworks.com/t5/extremeswitching-exos-switch/self-signed-certificate-expiration-for-https/m-p/56758#M16670 Eric,<BR /> You can't from the self sighed feature on the switch. You can add your own cert you generate on your PC. <BR /> Mon, 04 Jun 2018 17:27:00 GMT https://community.extremenetworks.com/t5/extremeswitching-exos-switch/self-signed-certificate-expiration-for-https/m-p/56758#M16670 StephenW 2018-06-04T17:27:00Z https://community.extremenetworks.com/t5/extremeswitching-exos-switch/self-signed-certificate-expiration-for-https/m-p/56759#M16671 Thanks Stephen. So what are you actually doing when you enter the ssl cert info as I noted? Mon, 04 Jun 2018 17:27:00 GMT https://community.extremenetworks.com/t5/extremeswitching-exos-switch/self-signed-certificate-expiration-for-https/m-p/56759#M16671 Eric_Burke 2018-06-04T17:27:00Z https://community.extremenetworks.com/t5/extremeswitching-exos-switch/self-signed-certificate-expiration-for-https/m-p/56760#M16672 You are having the switch generate a key. You can generate your own in ubuntu, and upload it to the switch. <BR /> <BR /> Ubuntu:~$sudo openssl req -x509 -nodes -days 1825 -newkey rsa:2048 -keyout ./private.key -out ./public.crt <BR /> <BR /> Then login to the switch and enter the keys:<BR /> <BR /> * Switch.2 # conf ssl privkey pregenerated -----BEGIN PRIVATE KEY----- Nu8OeKox1UHQE2deOsTY5Le7iRx+SApETXiHZzStY+4spMrVxwpzxCbZlLKmJHuG -----END PRIVATE KEY----- SSL Certificate and Key do not match Please load new Certificate now New Key will be usable after restart of thttpd process. * Slot-1 L3L_K1_U33_34(65.43).3 # conf ssl certificate pregenerated -----BEGIN CERTIFICATE----- PxFKlZIUHLEoYWnpPlwrDuX67CSJzdyXnZfrODcMYA1S/dDj9pjAF5WOh/21WH1S -----END CERTIFICATE----- * Switch.2 # show ssl HTTPS Port Number: 443 (Disabled) Signature Algorithm configured: sha512 With RSA Encryption Private Key matches the Certificate's public key. RSA Key Length: 2048 Certificate: Data: Version: 3 (0x2) Serial Number: xx:xx:xx:xx:xx:xx:xx:xx Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, ST=Some-State, L=cary, O=Internet Widgits Pty Ltd, OU=switch, CN=switch/emailAddress=sdf@yahoo.com Validity Not Before: Jun 4 13:36:26 2018 GMT Not After : Jun 3 13:36:26 2023 GMT Subject: C=US, ST=Some-State, L=anywhere, O=Internet Widgits Pty Ltd, OU=switch, CN=switch/emailAddress=sdf@yahoo.com * Switch.2 # * Switch.2 # * Switch.2 # en web https Mon, 04 Jun 2018 18:46:00 GMT https://community.extremenetworks.com/t5/extremeswitching-exos-switch/self-signed-certificate-expiration-for-https/m-p/56760#M16672 StephenW 2018-06-04T18:46:00Z https://community.extremenetworks.com/t5/extremeswitching-exos-switch/self-signed-certificate-expiration-for-https/m-p/56761#M16673 Thanks for clarifying! Mon, 04 Jun 2018 18:46:00 GMT https://community.extremenetworks.com/t5/extremeswitching-exos-switch/self-signed-certificate-expiration-for-https/m-p/56761#M16673 Eric_Burke 2018-06-04T18:46:00Z