Dell CloudLink: The Web TLS Certificate is Expired

In MONITORING > Alarms, notice that this alarm was triggered:

The web TLS certificate is expired

Each CloudLink node has its own web TLS certificate used for the webUI at https://cloudlink.ip:443. You must renew the web TLS certificate separately on each CloudLink node.

There is not any impact if the web TLS certificate is expired, however it should still be renewed for security purposes.

How to renew the web TLS certificate:

Take snapshots of all CloudLink VMs before changing any certificates (you do not have to include memory). Also take backups from the CloudLink webUI in SYSTEM > Backup > Generate New Backup and then Actions > Download Backup.

Ensure that you can locate the CloudLink backup key (cckey.pem) which should have been saved during deployment of CloudLink.

CloudLink 8.1 and above:
Starting in CloudLink 8.1, you can renew the self-signed web TLS certificate by clicking SERVER > TLS > Change Certificate.

CloudLink 7.x:
Older versions of CloudLink cannot change the web TLS certificate. It is recommended to upgrade to CloudLink 8.1 or later (if possible) in order to renew this certificate. If upgrading is not an option, you can apply your own web TLS certificate by going to SERVER > TLS > Upload.

This certificate can be created by generating a CSR, and getting it signed by a Certificate Authority.

It is also possible to use OpenSSL to create a self-signed certificate intended to replace the CloudLink 7.x web TLS certificates. This article has instructions to do this: CloudLink: Error ERR_SSL_KEY_USAGE_INCOMPATIBLE When Opening CloudLink Web UI