There can be instances where the Avi Load Balancer user interface is not accessible, but the Controller is reachable through CLI access.
Resolution
If the Avi Load Balancer UI is associated with a revoked certificate, the UI becomes inaccessible. The CLI can still be accessed as it uses SSH. Add the new certificate to the default NGNIX configuration file. Use the /etc/nginx/sites-enabled/default command to enable the Controller to use the correct certificate.
server {
listen 443;
server_tokens off;
more_clear_headers Server;
add_header Strict-Transport-Security "max-age=31536000;
includeSubdomains";
ssl on;
ssl_certificate /var/lib/avi/nginxd/certstore/server_00.cert;
ssl_certificate_key /var/lib/avi/nginxd/certstore/server_00.key;
ssl_certificate /var/lib/avi/nginxd/certstore/server_01.cert;
ssl_certificate_key /var/lib/avi/nginxd/certstore/server_01.key;
Test the reachability of the Avi Load Balancer UI by using the following curl command.
> curl -k -v <URL>
