NetApp Community Update
This site will enter Read Only mode on July 23 as we prepare to move to a new platform. You will still be able to view content, but posting and replying will be temporarily disabled.
We're excited to launch our new Community experience on July 30 and more information will follow soon.
Stay connected during the transition - Join our Discord community today.

Active IQ Unified Manager Discussions

Certificate based authentication in UM 7.3, 9.4

Cavin
3,393 Views

need advise on how to implement this solution, rather than relying having to create local a/c in nas used for adding it to UM for datasource acquisition.

 

 

 

1 REPLY 1

GidonMarcus
3,377 Views

Hi. you mean OCUM access to the cluster with a Client Cert and not a user? if so, i don't think it's possible.

 

Also from sec point. i think that ther's much different if the client cert saved in OCUM getting stolen or a password/api key saved in OCUM getting stolen.

Client cert is mainly useful when you have a token device or a smart card to protect the key. if the cert is unprotected - it's not much different from an unprotected password (well -after a re-think: at least for common attacks. as the private key will also not go over the wire as password do on the authentication. but that goes encrypted channel anyway)

 

Gidi.

Gidi Marcus (Linkedin) - Storage and Microsoft technologies consultant - Hydro IT LTD - UK
Public