Active IQ Unified Manager Discussions

Certificate based authentication in UM 7.3, 9.4

Cavin

need advise on how to implement this solution, rather than relying having to create local a/c in nas used for adding it to UM for datasource acquisition.

 

 

 

1 REPLY 1

GidonMarcus

Hi. you mean OCUM access to the cluster with a Client Cert and not a user? if so, i don't think it's possible.

 

Also from sec point. i think that ther's much different if the client cert saved in OCUM getting stolen or a password/api key saved in OCUM getting stolen.

Client cert is mainly useful when you have a token device or a smart card to protect the key. if the cert is unprotected - it's not much different from an unprotected password (well -after a re-think: at least for common attacks. as the private key will also not go over the wire as password do on the authentication. but that goes encrypted channel anyway)

 

Gidi.

Gidi Marcus (Linkedin) - Storage and Microsoft technologies consultant - Hydro IT LTD - UK
Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public