Our OnTap 9.5 P3 clusters have started complaining about thre certificates that are going to expire:
Jun 9 - 1 times(s): terraba [Terraba-01:mgmtgwd.certificate.expiring:error]: A digital certificate with Fully Qualified Domain Name (FQDN) Class2PrimaryCA, Serial Number 85BD4BF3D8DAE369F694D75FC3A54423, Certificate Authority 'Class 2 Primary CA' and type server-ca for Vserver Terraba will expire in the next 26 day(s). [user.err.3]
Jun 9 - 1 times(s): terraba [Terraba-01:mgmtgwd.certificate.expiring:error]: A digital certificate with Fully Qualified Domain Name (FQDN) DeutscheTelekomRootCA2, Serial Number 26, Certificate Authority 'Deutsche Telekom Root CA 2' and type server-ca for Vserver Terraba will expire in the next 29 day(s). [user.err.3]
Jun 9 - 1 times(s): terraba [Terraba-01:mgmtgwd.certificate.expiring:error]: A digital certificate with Fully Qualified Domain Name (FQDN) UTN-USERFirst-Hardware, Serial Number 44BE0C8B500024B411D3362AFE650AFD, Certificate Authority 'UTN-USERFirst-Hardware' and type server-ca for Vserver Terraba will expire in the next 29 day(s). [user.err.3]
Those certificates are not ones that we use and we really don't know the best way forward here. We did open a case and were told to just delete them and create new ones, but the problem is that the "security certificate create" process will only allof for the creation of "server" type certificates while the ones in question are "server-ca" certificates.
Are they really needed? Can they just be deleted and not re-created?