https://community.netapp.com/t5/ONTAP-Discussions/Import-SSL-Wildcard-Certificate-into-ONTAP-9-3P2/m-p/148690#M33086 <P>When we 1st installed our filer, the consultant helped us to import a wildcard SSL certificate into ONTAP and bind that certificate to the vserver for system manager, etc.&nbsp; Well, that wildcard certificate has expired.&nbsp; I've renewed it, but now I'm trying to figure out the magic for importing the certificate again.&nbsp;</P> <P>&nbsp;</P> <P>The "typical" process would be to generate a CSR and then have a third party sign it.&nbsp; That's not what I need to do.&nbsp; I have a fully formed certificate that I've exported from a Windows server.&nbsp; There's is no need for a CSR--I've got an exported certificate.&nbsp; So how do I import this thing into ONTAP?</P> <P>&nbsp;</P> <P>Thanks!</P> Wed, 04 Jun 2025 12:29:53 GMT orametrix 2025-06-04T12:29:53Z https://community.netapp.com/t5/ONTAP-Discussions/Import-SSL-Wildcard-Certificate-into-ONTAP-9-3P2/m-p/148690#M33086 <P>When we 1st installed our filer, the consultant helped us to import a wildcard SSL certificate into ONTAP and bind that certificate to the vserver for system manager, etc.&nbsp; Well, that wildcard certificate has expired.&nbsp; I've renewed it, but now I'm trying to figure out the magic for importing the certificate again.&nbsp;</P> <P>&nbsp;</P> <P>The "typical" process would be to generate a CSR and then have a third party sign it.&nbsp; That's not what I need to do.&nbsp; I have a fully formed certificate that I've exported from a Windows server.&nbsp; There's is no need for a CSR--I've got an exported certificate.&nbsp; So how do I import this thing into ONTAP?</P> <P>&nbsp;</P> <P>Thanks!</P> Wed, 04 Jun 2025 12:29:53 GMT https://community.netapp.com/t5/ONTAP-Discussions/Import-SSL-Wildcard-Certificate-into-ONTAP-9-3P2/m-p/148690#M33086 orametrix 2025-06-04T12:29:53Z https://community.netapp.com/t5/ONTAP-Discussions/Import-SSL-Wildcard-Certificate-into-ONTAP-9-3P2/m-p/148693#M33089 <P>You should be able to install an existing CA-signed SSL cert with the "security certificate install" command, pasting in the cert and private key (and any intermediate/root certs) when prompted to do so. After that, you should be able to see your certificate in the output of the "security certificate show" command.&nbsp;</P> <P>&nbsp;</P> <P>From there, you can continue the certificate renewal process (delete expired cert, set new cert with "security ssl modify", etc.), specifying your newly imported certificate.</P> <P>&nbsp;</P> <P>"security certificate install" documentation:</P> <P><A href="https://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cm-cmpr-950%2Fsecurity__certificate__install.html" target="_blank">https://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cm-cmpr-950%2Fsecurity__certificate__install.html</A></P> <P>&nbsp;</P> <P>Replacing an expired digital certificate documentation:</P> <P><A href="https://library.netapp.com/ecmdocs/ECMP1636038/html/GUID-59C84C17-1019-4B54-9824-474576B68D95.html" target="_blank">https://library.netapp.com/ecmdocs/ECMP1636038/html/GUID-59C84C17-1019-4B54-9824-474576B68D95.html</A></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>Donny</P> Tue, 04 Jun 2019 17:31:20 GMT https://community.netapp.com/t5/ONTAP-Discussions/Import-SSL-Wildcard-Certificate-into-ONTAP-9-3P2/m-p/148693#M33089 donny_lang 2019-06-04T17:31:20Z