The System Manager virtual machine displays the validity information for the System Manager Identity certificates. For example, container_tls and data_store.

1. If there are any valid, unexpired third-party CA issued System Manager certificates, the command displays the certificate information. The command stops and prompts you to re-run the command with the -FORCE argument.

2. If there are any expired third-party CA issued certificates or any expired or nearing expiry System Manager CA issued certificates, the command prompts you to continue with the certificate renewal process.

   • If you type n, the command stops without making any changes to the System Manager.

   • If you type y, the command prompts you to do the following:

     • If you have taken a snapshot, type y.

       The command continues to renew the certificates.

     • If you have not taken a snapshot, type n.

       Note:

       If you have not taken a snapshot, the best practice is to type n to stop the command, take a snapshot, and repeat from Step 2.

3. If it is a secondary System Manager, type the Enrollment password when prompted.

   The command continues the certificate renewal process.

   The best practice is to not interfere with the command when it is in progress. The completion time for the certificate renewal process varies for each system.