If you get a fault similar to the following in your UCS system:

This will be caused if the cluster name is changed, or if the default cert expires (which happens every year).

Here is how to address it.

Verification

SSH into your active Fabric Interconnect.  Verify the situation with the following commands:

UCS-A# scope security
UCS-A /security # show keyring detail

Look at the first few lines of the output, and you should see one that reads Cert Status: Expired.

Regenerating the Keyring

Run the following commands:

UCS-A# scope security
UCS-A /security # scope keyring default
UCS-A /security/keyring* # set regenerate yes
UCS-A /security/keyring* # commit-buffer
UCS-A /security/keyring #

Wait a few minutes for the change to take effect. You can verify the regeneration has worked by rerunning the verify steps above, and you should now see Cert Status: Valid