The transition to NetApp MS Azure AD B2C is complete. If you missed the pre-registration, you will be invited to reigister at next log in.
Please note that access to your NetApp data may take up to 1 hour.
To learn more, read the FAQ and watch the video.
Need assistance? Complete this form and select “Registration Issue” as the Feedback Category.

Active IQ Unified Manager Discussions

OnCommand Secure or Unsecure?

tlpitch

Today I went to create a new SnapMirror relationship on an existing LUN but was greeted with a warning that asked me if I wanted to setup a secure connection or continue without secure. Obviously I chose the secure connection route but it kept asking until I finally caved in and said continue without secure. Thinking I can just proceed with my task at hand I went to create the SnapMirror relationship but was presented with more SSL troubles.

 

During the SnapMirror wizard it reproted the following:

 

500 Connection has been shutdown:
javax.net.ssl.SSLHandsakeException: Server chose SSLv3, but that protocol version is not enabled or not supported by the client.

I've read a few articles that suggested turning SSL.v2 off and turning on TLS. I even Disabled SSL from the OnCommand System Manager and renabled it, generating a new SSL Cert but nothing seems to work. Below 

 

filer_A> options httpd
httpd.access legacy
httpd.admin.access legacy
httpd.admin.enable on
httpd.admin.hostsequiv.enable off
httpd.admin.max_connections 512
httpd.admin.ssl.enable on
httpd.admin.top-page.authentication on
httpd.autoindex.enable off
httpd.bypass_traverse_checking off
httpd.enable off
httpd.ipv6.enable off
httpd.log.format common 
httpd.method.trace.enable off
httpd.rootdir /vol/vol0/home/http
httpd.timeout 300 
httpd.timewait.enable off 

filer_A> options ssl
ssl.enable on
ssl.v2.enable off
ssl.v3.enable on

filer_A> options tls
tls.enable on filer_A> secureadmin status
ssh2 - active
ssh1 - inactive
ssl - active

Any thoughts?

 

Thank you in advance.

1 ACCEPTED SOLUTION

tlpitch

I discovered my issue, should anyone else come across this issue. I'm running Windows 7 64-bit with IE 10 and Java 8u45. I think the kicker is Java 8. Here is what I did to correct the issue:

 

Installed the latest version of OnCommand, which at this time is 3.1.2 RC2. On all of my filers I had to enable TLS, and to error on the side of caution I disabled SSLv2.

 

For those like me with little experience with NetApp, the command was "options tls.enable on" and "options ssl.v2.enable off"

 

filer_A> options ssl
ssl.enable on
ssl.v2.enable off
ssl.v3.enable on

filer_A> options tls
tls.enable on

 

View solution in original post

3 REPLIES 3

tlpitch

I discovered my issue, should anyone else come across this issue. I'm running Windows 7 64-bit with IE 10 and Java 8u45. I think the kicker is Java 8. Here is what I did to correct the issue:

 

Installed the latest version of OnCommand, which at this time is 3.1.2 RC2. On all of my filers I had to enable TLS, and to error on the side of caution I disabled SSLv2.

 

For those like me with little experience with NetApp, the command was "options tls.enable on" and "options ssl.v2.enable off"

 

filer_A> options ssl
ssl.enable on
ssl.v2.enable off
ssl.v3.enable on

filer_A> options tls
tls.enable on

 

View solution in original post

JMaartenW

thanks for that, spent the last horu looking for a solution with loads of people posting stuff but you'r post fixed it

iTB

Enabling TLS resolved our problem as per the previous post.  We did not have to disable any SSL.

Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public