RPA web server certificate

Question

Just a heads-up for those running RecoverPoint ver 5

If you are running Reoverpoint4 VMs 5.3.4.1 (perhaps applies to RP4VM older versions as well), the default web server certificate ("signed" by EMC) expires on Jan 21 2026.

Usually, there is no need to access the RPA's web page anyway, so this is easy to miss.

Instructions to update the SSL cert, either with a self-signed one, or with your official CA, are buried deep in the Security Guide, but it is there.

DELL-Sam L · Answer

Hello CrashCart,

Here is a link to a KB that explains how to update certificates. You are correct that this information is also in the security guide.

https://www.dell.com/support/kbdoc/en-us/000181907/how-to-update-vcenter-certificate-on-both-rp-and-plugin-server-and-updating-rp-certificate-at-plugin-server-sdie

CrashCart · Answer

Maybe I didn't phrase my original post correctly.

That KB article is the final necessary step in the process. but it will only copy the current, in-use rpa_web_server.crt file from the rpa cluster to the plugin server and tell the plugin server to use it. It does not actually update the rpa_web_server.crt file (which in my case, expires on Jan 21 2026).

One needs to first have/create/renew a rpa_web_server.crt file that has a validity date beyond Jan 21 2026 - and *that* process is documented in the Security Guide

CrashCart · Answer

Turns out, there is a KB article for this very issue - published Jan 14 https://www.dell.com/support/kbdoc/en-us/000402030/recoverpoint-for-vms-default-certificate-expires-on-january-21-2026

Dietgrover · Answer

@CrashCart​ Thanks for sharing this.  I'm in the process of installing RP4VM and have to use 5.4.3.1 since we have some older vCenter environments.  Everything was fine until connecting the clusters - it fails due to the expired certs.  I've been struggling with a workaround and came across your post.

RecoverPoint

RPA web server certificate

Was this post helpful?