CAUTION: PERFORM THIS TASK ONLY DURING A MAINTENANCE WINDOW AS THERE IS A POTENTIAL FOR DOWNTIME. The downtime affects access
to the APIC cluster and switches from external users or systems and not the APIC to switch connectivity. The NGINX process
on the switches will also be impacted but that will be only for external connectivity and not for the fabric data plane. Access
to the APIC, configuration, management, troubleshooting and such will be impacted. Expect a restart of all web servers in
the fabric during this operation.
You must remain aware of the expiration date of the certificate and take action before it expires. To preserve the same key
pair for the renewed certificate, you must preserve the CSR as it contains the public key that pairs with the private key
in the key ring. Before the certificate expires, the same CSR must be resubmitted. Do not delete or create a new key ring
as deleting the key ring will delete the private key stored internally on the APIC.