Cisco IOS Self-Signed Certificate Expiration

On Jan 1, 2020 all self signed certificates that were generated on IOS/IOS-XE platforms got expired. After that time your device will not be able to generate self signed certificates.

There are some work arounds :

  • Obtain a valid certificate from a 3rd part Certificate Authority
  • Use the IOS CA Server to generate a new certificate
  • Use OpenSSL to generate a new self-signed certificate
  • Update your system, if possible, to a fixed SSC IOS version

Systems affected :

  • All IOS 12.x
  • all IOS 15.x prior to 15.6(3)M7, 15.7(3)M5, 15.8(3)M3, 15.9(3)M
  • all IOS-XE prior to 16.9.1

You can find more information here.

Leave a Reply

Your email address will not be published. Required fields are marked *