Because vulnerabilities were discovered in SSL v3 you can no longer guarantee communications using it are secure. As a result the SDK was also adapted to require TLS and I added the instructions to enable TLS in Data ONTAP. If you have controllers that don't support TLS and you can't or don't want to upgrade them to a release that does, as a workaround you could use an older version of the SDK, such as v 5.3, that still allows non TLS connections.
Since the vulnerability is in the design of SSLv3 itself you should not assume your communications using it are secure. Updating Data ONTAP to a release with TLS support is the answer. If it isn't possible then you could take steps to reduce the risk such as (a) using RBAC so that the user login details that could be compromised is capable of only read-only actions, (b) modify options httpd.admin.access so that a small set of hosts are allowed to manage the system.
If you have an environment with a mix of systems, some supporting TLS and some not, you could still use the 5.3 SDK and just make sure that SSLv3 is disabled on the systems that support TLS. In this way you are vulnerable only on the systems where there is no alternative.
Cheers, Chris Madden
Storage Architect, NetApp EMEA (and author of Harvest)
I had follow your steps (on 7-Mode 8.0.2P4 TLS dosen't exist) and it still doesn't work
Error message :
[WARNING] [sysinfo] Update of system-info cache DOT Version failed with reason: No response received from server; Recommend to verify TLS is enabled (7-mode: options tls.enable) and/or setup ssl again (7-mode: secureadmin setup ssl)
[WARNING] [main] system-info update failed; will try again in 10 seconds.