https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/Certificate-Based-Authentication-against-Unified-Manager-6-4/m-p/123216#M22124 <P>Hi&nbsp;<a href="https://community.netapp.com/t5/user/viewprofilepage/user-id/48477">@acjackson</a></P><P>&nbsp;</P><P>&nbsp;</P><P>I do not believe SSL cert based auth is possible with Unified Manager 6+ releases. &nbsp;I checked the SDK 5.5 docs and found this that agrees:</P><P>&nbsp;</P><P><A title="NaServer::set_style" href="https://community.netapp.com/t5/forums/replypage/board-id/oncommand-storage-management-software-discussions/message-id/help/programming_guide/perl_api_bindings/session_mngmnt_apis_perl_bindings.htm#NaServer::set_style" target="_blank">NaServer::set_style</A></P><P>&nbsp;</P><P>&nbsp;</P><TABLE><TBODY><TR><TD><P>$style</P></TD><TD><P>The authentication style</P><P>Following are the supported values:</P><UL><LI><P><SPAN>HOSTS</SPAN>—to use the hosts.equiv file on the storage system to determine access rights.</P></LI><LI><P><SPAN>LOGIN</SPAN>—to provide user name and password information. You can set the user name by using the API set_admin_user.</P></LI><LI><P><SPAN>CERTIFICATE</SPAN>—to use certificates to authenticate clients who attempt to connect to a server, without using login credentials. This style automatically sets HTTPS as the transport mechanism. You can use this authentication mechanism for clustered Data ONTAP 8.2 and OnCommand Unified Manager 5.0.2, 5.1, and 5.2.</P></LI></UL><P><SPAN>To authenticate the server, server certificate verification and hostname verification is required.</SPAN></P><P>For more information, see the APIs<SPAN>NaServer::set_client_cert_and_key()</SPAN>,<SPAN>NaServer::set_ca_certs(),</SPAN><SPAN>NaServer::set_server_cert_verification(),</SPAN>and<SPAN>NaServer::set_hostname_verification()</SPAN>.</P></TD></TR></TBODY></TABLE><P>&nbsp;</P><P>&nbsp;</P><P>Cheers,<BR />Chris Madden</P><P>Solution Architect - 3rd Platform - Systems Engineering NetApp EMEA (and author of Harvest)</P><P>Blog:&nbsp;<A href="http://blog.pkiwi.com/" target="_blank">It all begins with data</A></P><P>&nbsp;</P><P><EM>If this post resolved your issue, please help others by selecting&nbsp;<STRONG>ACCEPT AS SOLUTION</STRONG>&nbsp;or adding a&nbsp;<STRONG>KUDO </STRONG>or both!</EM></P> Tue, 13 Sep 2016 18:15:41 GMT madden 2016-09-13T18:15:41Z https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/Certificate-Based-Authentication-against-Unified-Manager-6-4/m-p/123171#M22114 <P>Hello,</P><P>&nbsp;</P><P>I'm trying to setup Certificate Based Authentication against&nbsp;Unified Manager 6.4 to use with NMSDK.</P><P>I did manage to setup CBA against DFM 5.2, but I didnt found any option on the Unified Manager: the&nbsp;"dfm" command on console has no 'dfm ssl service' option anymore</P><P>Because I couldn't find any topic on CBA in the Unified Manager 6.4 manual either, I am not sure, if it's still supported.</P><P>&nbsp;</P><P>Do I have to use LDAP for certificate&nbsp;based authentication?</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Wed, 04 Jun 2025 19:08:34 GMT https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/Certificate-Based-Authentication-against-Unified-Manager-6-4/m-p/123171#M22114 acjackson 2025-06-04T19:08:34Z https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/Certificate-Based-Authentication-against-Unified-Manager-6-4/m-p/123216#M22124 <P>Hi&nbsp;<a href="https://community.netapp.com/t5/user/viewprofilepage/user-id/48477">@acjackson</a></P><P>&nbsp;</P><P>&nbsp;</P><P>I do not believe SSL cert based auth is possible with Unified Manager 6+ releases. &nbsp;I checked the SDK 5.5 docs and found this that agrees:</P><P>&nbsp;</P><P><A title="NaServer::set_style" href="https://community.netapp.com/t5/forums/replypage/board-id/oncommand-storage-management-software-discussions/message-id/help/programming_guide/perl_api_bindings/session_mngmnt_apis_perl_bindings.htm#NaServer::set_style" target="_blank">NaServer::set_style</A></P><P>&nbsp;</P><P>&nbsp;</P><TABLE><TBODY><TR><TD><P>$style</P></TD><TD><P>The authentication style</P><P>Following are the supported values:</P><UL><LI><P><SPAN>HOSTS</SPAN>—to use the hosts.equiv file on the storage system to determine access rights.</P></LI><LI><P><SPAN>LOGIN</SPAN>—to provide user name and password information. You can set the user name by using the API set_admin_user.</P></LI><LI><P><SPAN>CERTIFICATE</SPAN>—to use certificates to authenticate clients who attempt to connect to a server, without using login credentials. This style automatically sets HTTPS as the transport mechanism. You can use this authentication mechanism for clustered Data ONTAP 8.2 and OnCommand Unified Manager 5.0.2, 5.1, and 5.2.</P></LI></UL><P><SPAN>To authenticate the server, server certificate verification and hostname verification is required.</SPAN></P><P>For more information, see the APIs<SPAN>NaServer::set_client_cert_and_key()</SPAN>,<SPAN>NaServer::set_ca_certs(),</SPAN><SPAN>NaServer::set_server_cert_verification(),</SPAN>and<SPAN>NaServer::set_hostname_verification()</SPAN>.</P></TD></TR></TBODY></TABLE><P>&nbsp;</P><P>&nbsp;</P><P>Cheers,<BR />Chris Madden</P><P>Solution Architect - 3rd Platform - Systems Engineering NetApp EMEA (and author of Harvest)</P><P>Blog:&nbsp;<A href="http://blog.pkiwi.com/" target="_blank">It all begins with data</A></P><P>&nbsp;</P><P><EM>If this post resolved your issue, please help others by selecting&nbsp;<STRONG>ACCEPT AS SOLUTION</STRONG>&nbsp;or adding a&nbsp;<STRONG>KUDO </STRONG>or both!</EM></P> Tue, 13 Sep 2016 18:15:41 GMT https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/Certificate-Based-Authentication-against-Unified-Manager-6-4/m-p/123216#M22124 madden 2016-09-13T18:15:41Z