SUSE Support

Here When You Need Us

Update self signed certificate on single install of Rancher 2.x

This document (000020168) is provided subject to the disclaimer at the end of this document.



Update/renew self signed certificates to ten year expiration on Single Server Install of Rancher 2.x



  1. Download Rancher single tool on the server that is running your Rancher container:

    curl -LO
  2. Run script so that it upgrades your installation (you can upgrade to the same version) and pass flags to indicate that you want to regenerate your self signed certificate. The most reliable way is to just specify all of your options on the command line but the script does have an easy to use automated system as well as shown in option b.

    a. Specify all flags on command line, including any rancher options you had and docker options. Option -s is required for generating new 10 year self signed SSL certificates.

    bash -f -c'<container_id>' -t'upgrade' -v'<rancher_version>' -d'<docker_options>' -r'<rancher_options>' -s'<self_signed_ssl_hostname>'

    For example:

    bash -f -c'984f2fe62f6a' -t'upgrade' -v'v2.2.4' -d'-d --restart=unless-stopped -p 80:80 -p 443:443' -r'none' -s''

    b. Let the script prompt you for answers and autodetect docker and rancher options when asked to.

    bash -s'<self_signed_ssl_hostname>'

    For example:

    bash -s''
  3. In order to see the new SSL you need to completely quit your browser and start it back up, otherwise it might still show you the old certificate. Alternatively you can consistently check this using openssl instead of using your browser.

    openssl s_client -connect | openssl x509 -noout -text -startdate -enddate
  4. If you have any downstream clusters attached to this Rancher installation you will need to update their Rancher agent deployment which will be covered in


This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:000020168
  • Creation Date: 13-Jul-2021
  • Modified Date:13-Jul-2021
    • SUSE Rancher

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.