Active IQ Unified Manager Discussions

OnCommand System Manager 3.0 not recognizing SSL on a particular filer

JOSH_BRANDON
30,125 Views

I started getting this error upon login earlier this week and I am stumped on how to resolve it.

When attempting to launch OnCommand System Manager in my web browser (Internet Exporer 9, Update Versions: 9.0.22) I can successfully log into all filers but one, which produces the following message before authentication:

"<filer name> is not configured for secure management. Sensitive information you supply including passwords will be visible to other computers on the network."

The message then offers two radio buttons for options:

"Set up a secure connection. (Recommended)  This option configures SSL using an insecure connection, then switches to secure connection."

"Continue without secure connection.  Transports credentials and data in clear text format."

In terms of troubleshooting, I have verified that SSL is enabled on the filer and attempting to setup a new SSL certificate doesn't seem to address the issue.  I have also disabled/enabled the SSL service on the problem filer, to no avail.

I have a total of twelve filers in my environment and none of the other filers are experiencing this issue, which makes me believe that something changed on this particular filer to cause the issue. Thoughts on what to try next for troubleshooting would be appreciated.

11 REPLIES 11

UweRoosAvnet
29,556 Views

Hi,

you said to attempt to setup a new SSL certificate doesn't seem to adress the issue. You were able to create a new certificate?

I cannot say that it will help for the System Manager 3.0 but in other scenarios with older System Managers this did help:

When you move the vol0 to another aggregate and if you use ndmpcopy for that, you loose the connection to the older System Managers, until you recreate the certificates:

secureadmin disable all

secureadmin setup –f ssh

secureadmin setup –f ssl

After that the system Manager can commuicate with the filer again.

Good luck,

Uwe.

thigian007
29,556 Views

UweRoosAvnet is right on. That fixed my issue. Thanks man.

This is actually in the How To Doc to move the Root volume. I must have skimmed over it myself...

https://kb.netapp.com/support/index?page=content&id=1010097&locale=en_US

RichRay
28,565 Views

I was unable to get OnCommand System Manager 3.1.1 for Linux to use SSL when talking to a cluster-mode 8.2.2P2 system, no matter what I tried.  Switched to 3.1.2RC1 and SSL started working.

waynesilvia
27,896 Views

I started receiving the same message for ALL my Filers (12) so I tried downloading and installing 3.1.2(rc2)  and that did not help.  I have another machine that has system manager on it and that one does does not produce the error message.  Also have co-workers that have 3.1.1 installed and they have not had the problem.  So something "happened" on my machine that it thinks that it cant make a secure connection.  tried different browers IE, Chrome, firefox and it has not mattered.  Just wanted to post something just in case someone else "suddenly" started having issues to let you know you are not alone.

 

waynesilvia
27,894 Views

I checked  TLS and it was off....enable it and the message went away.

 

https://library.netapp.com/ecmdocs/ECMP1368862/html/GUID-3E07D3F8-6A05-49C0-BF92-9C88BA252E1F.html

 

Not sure why other clients did not show an error message....

 

Tom78
27,795 Views

Same for me. Been using the same setup for about a year then its just started happening. I was wondering if the certs had expired on the NetApp's

yuvaraju
27,769 Views

For System Manager 3.1.2 to manage storage systems running Data ONTAP 7.3.x , 8.1.x and 8.2.x operating in 7-Mode ,TLS protocol must be enabled

If TLS protocol is not setup , System Manager 3.1.2 will display an error while adding to home page that TLS is not setup

TLS protocol is enabled by default for storage systems running Data ONTAP in Cluster mode.

Refer to https://kb.netapp.com/support/index?page=content&id=9010008

Tom78
27,340 Views

Tried enabling TLS on filer it didnt help. That woldnt make sense anyway as I havent upgraded system manager on 2 of my client machines and I havent changed anything on the Filers. I think it must be a Java update or windows update which has caused this as its happened on 2 machines for all my filers.

MWE
15,009 Views

Hi,

 

enable TLS and setup ssl again with generating a 2048 Bit Key

Works for me.

 

Regards Markus

Pielonet
7,713 Views

This solution worked for me.

 

Type following command to recreate the ssh key and type 2048 when prompted for key size :

 

secureadmin setup -f ssl

Pielonet
7,713 Views

Previous solution worked for me :

 

To recreate ssh key on your netapp device when connected by ssh, issue the following command and when prompted for Key size, type 2048 :

 

secureadmin setup -f ssl

 

Public