This article guides the recovery or regeneration of the default device certificate for Zyxel Firewalls. Learn step-by-step instructions to address certificate issues using the CLI and the web interface, ensuring your device is configured correctly and securely.
How to regenerate the default certificate of the USG FLEX H device?
Regenerate default certificate:
cmd debug _certManager regenerate default
Check certificate status and validity:
show state certManager
Shows certificate info and validity dates, e.g.valid from Oct 20 2025 to Oct 18 2035
The result can also be checked in the graphical web interface.
How to regenerate the default certificate of the USG FLEX / ATP device?
To restore/regenerate the default device certificate using the CLI, you can connect to the device using SSH and enter CLI Router> debug _ca regenerate to generate a new certificate.
Note: All other certificates will be deleted in this process! Please save them before you enter the command.
Command: debug _ca regenerate
Comments
0 commentsPlease sign in to leave a comment.