Subscribe

Change default security certificate expiration time

Hello,

 

the self signed certifiactes creating during install and SVM creation will expire after 365 days.

 

When i install the system i can change this certificates as described here: https://kb.netapp.com/support/index?page=content&id=1014389

 

But when the customer creates a new SVM the new certificate is only 365 days valid and must replaced manually.

 

Is there a way that all new certificates will be valid for 3650 days?

 

Or are there certificates that will be renew automatically?

 

I will prevent that the customer will get problems because there are certificates expired.

 

Regards

Stefan

Re: Change default security certificate expiration time

I am but a dumb OCI guy, but that KB doesn't mention the -expire-days cli option where you can override the default 365 day value with as much as 36510

Re: Change default security certificate expiration time

This when creating a new certificate on the CLI by entering the commands. I'm asking for a way that all new certificates will be created with a longer time period.

 

So that there is no need for replacing the certificate after creating a new SVM.

 

Re: Change default security certificate expiration time

Hi,

 

I believe the default expiration date of self-signed security certificates is 365 days since it is recommended to renew certificates every year for security reasons. 

 

Regards,

AJ