<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic OnCommand Secure or Unsecure? in Active IQ Unified Manager Discussions</title>
    <link>https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/OnCommand-Secure-or-Unsecure/m-p/105758#M18685</link>
    <description>&lt;P&gt;Today I went to create a new SnapMirror relationship on an existing LUN but was greeted with a warning that asked me if I wanted to setup a secure connection or continue without secure. Obviously I chose the secure connection route but it kept asking until I finally caved in and said continue without secure. Thinking I can just proceed with my task at hand I went to create the SnapMirror relationship but was presented with more SSL troubles.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;During the SnapMirror wizard it reproted the following:&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;PRE&gt;500 Connection has been shutdown:
javax.net.ssl.SSLHandsakeException: Server chose SSLv3, but that protocol version is not enabled or not supported by the client.&lt;/PRE&gt;&lt;P&gt;I've read a few articles that suggested turning SSL.v2 off and turning on TLS. I even Disabled SSL from the OnCommand System Manager and renabled it, generating a new SSL Cert but nothing seems to work. Below&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;PRE&gt;filer_A&amp;gt; options httpd
httpd.access legacy
httpd.admin.access legacy
httpd.admin.enable on
httpd.admin.hostsequiv.enable off
httpd.admin.max_connections 512
httpd.admin.ssl.enable on
httpd.admin.top-page.authentication on
httpd.autoindex.enable off
httpd.bypass_traverse_checking off
httpd.enable off
httpd.ipv6.enable off
httpd.log.format common&amp;nbsp;
httpd.method.trace.enable off
httpd.rootdir /vol/vol0/home/http
httpd.timeout 300&amp;nbsp;
httpd.timewait.enable off&amp;nbsp;

filer_A&amp;gt; options ssl
ssl.enable on
ssl.v2.enable off
&lt;SPAN&gt;ssl.v3.enable on

filer_A&amp;gt; options tls&lt;BR /&gt;tls.enable on 

filer_A&amp;gt; secureadmin status&lt;BR /&gt;ssh2 - active&lt;BR /&gt;ssh1 - inactive&lt;BR /&gt;ssl - active&lt;/SPAN&gt;&lt;/PRE&gt;&lt;P&gt;Any thoughts?&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Thank you in advance.&lt;/P&gt;</description>
    <pubDate>Thu, 05 Jun 2025 00:10:58 GMT</pubDate>
    <dc:creator>tlpitch</dc:creator>
    <dc:date>2025-06-05T00:10:58Z</dc:date>
    <item>
      <title>OnCommand Secure or Unsecure?</title>
      <link>https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/OnCommand-Secure-or-Unsecure/m-p/105758#M18685</link>
      <description>&lt;P&gt;Today I went to create a new SnapMirror relationship on an existing LUN but was greeted with a warning that asked me if I wanted to setup a secure connection or continue without secure. Obviously I chose the secure connection route but it kept asking until I finally caved in and said continue without secure. Thinking I can just proceed with my task at hand I went to create the SnapMirror relationship but was presented with more SSL troubles.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;During the SnapMirror wizard it reproted the following:&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;PRE&gt;500 Connection has been shutdown:
javax.net.ssl.SSLHandsakeException: Server chose SSLv3, but that protocol version is not enabled or not supported by the client.&lt;/PRE&gt;&lt;P&gt;I've read a few articles that suggested turning SSL.v2 off and turning on TLS. I even Disabled SSL from the OnCommand System Manager and renabled it, generating a new SSL Cert but nothing seems to work. Below&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;PRE&gt;filer_A&amp;gt; options httpd
httpd.access legacy
httpd.admin.access legacy
httpd.admin.enable on
httpd.admin.hostsequiv.enable off
httpd.admin.max_connections 512
httpd.admin.ssl.enable on
httpd.admin.top-page.authentication on
httpd.autoindex.enable off
httpd.bypass_traverse_checking off
httpd.enable off
httpd.ipv6.enable off
httpd.log.format common&amp;nbsp;
httpd.method.trace.enable off
httpd.rootdir /vol/vol0/home/http
httpd.timeout 300&amp;nbsp;
httpd.timewait.enable off&amp;nbsp;

filer_A&amp;gt; options ssl
ssl.enable on
ssl.v2.enable off
&lt;SPAN&gt;ssl.v3.enable on

filer_A&amp;gt; options tls&lt;BR /&gt;tls.enable on 

filer_A&amp;gt; secureadmin status&lt;BR /&gt;ssh2 - active&lt;BR /&gt;ssh1 - inactive&lt;BR /&gt;ssl - active&lt;/SPAN&gt;&lt;/PRE&gt;&lt;P&gt;Any thoughts?&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Thank you in advance.&lt;/P&gt;</description>
      <pubDate>Thu, 05 Jun 2025 00:10:58 GMT</pubDate>
      <guid>https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/OnCommand-Secure-or-Unsecure/m-p/105758#M18685</guid>
      <dc:creator>tlpitch</dc:creator>
      <dc:date>2025-06-05T00:10:58Z</dc:date>
    </item>
    <item>
      <title>Re: OnCommand Secure or Unsecure?</title>
      <link>https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/OnCommand-Secure-or-Unsecure/m-p/105785#M18687</link>
      <description>&lt;P&gt;I discovered my issue, should anyone else come across this issue. I'm running Windows 7 64-bit with IE 10 and Java 8u45. I think the kicker is Java 8. Here is what I did to correct the issue:&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Installed the latest version of OnCommand, which at this time is 3.1.2 RC2. On all of my filers I had to enable TLS, and to error on the side of caution I disabled SSLv2.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;For those like me with little experience with NetApp, the command was "options tls.enable on" and "options ssl.v2.enable off"&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;PRE&gt;filer_A&amp;gt; options ssl
ssl.enable on
ssl.v2.enable off
&lt;SPAN&gt;ssl.v3.enable on

filer_A&amp;gt; options tls&lt;BR /&gt;tls.enable on &lt;/SPAN&gt;&lt;/PRE&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Wed, 03 Jun 2015 11:10:27 GMT</pubDate>
      <guid>https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/OnCommand-Secure-or-Unsecure/m-p/105785#M18687</guid>
      <dc:creator>tlpitch</dc:creator>
      <dc:date>2015-06-03T11:10:27Z</dc:date>
    </item>
    <item>
      <title>Re: OnCommand Secure or Unsecure?</title>
      <link>https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/OnCommand-Secure-or-Unsecure/m-p/108546#M19172</link>
      <description>&lt;P&gt;Enabling TLS resolved our problem as per the previous post. &amp;nbsp;We did not have to disable any SSL.&lt;/P&gt;</description>
      <pubDate>Wed, 12 Aug 2015 20:30:04 GMT</pubDate>
      <guid>https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/OnCommand-Secure-or-Unsecure/m-p/108546#M19172</guid>
      <dc:creator>iTB</dc:creator>
      <dc:date>2015-08-12T20:30:04Z</dc:date>
    </item>
    <item>
      <title>Re: OnCommand Secure or Unsecure?</title>
      <link>https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/OnCommand-Secure-or-Unsecure/m-p/115829#M20606</link>
      <description>&lt;P&gt;thanks for that, spent the last horu looking for a solution with loads of people posting stuff but you'r post fixed it&lt;/P&gt;</description>
      <pubDate>Tue, 16 Feb 2016 16:46:12 GMT</pubDate>
      <guid>https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/OnCommand-Secure-or-Unsecure/m-p/115829#M20606</guid>
      <dc:creator>JMaartenW</dc:creator>
      <dc:date>2016-02-16T16:46:12Z</dc:date>
    </item>
  </channel>
</rss>

