Data ONTAP Discussions

Highlighted

CertPlus Cert expiring

Spoiler
Hi 

I received the following alert mgmtgwd.certificate.expiring: A digital certificate with Fully Qualified Domain Name (FQDN) Class2PrimaryCA, Serial Number 85BD4BF3D8DAE369F694D75FC3A54423, Certificate Authority 'Class 2 Primary CA' and type server-ca for Vserver..

The CertPlus cert is expiring shortly can I remove this cert to suppress the alerts as we use an internal CA?
4 REPLIES 4

Re: CertPlus Cert expiring

Re: CertPlus Cert expiring

Hi 

 

Thank you for the links, the Certplus root CA is expiring and does not seem to be renewing it is possible to remove this cert? 

MS is removing these from in an upcoming update:

 

This release will disable the following roots (Root Certificate \ SHA-1 Thumbprint):

  1. CertPlus Class 3P Primary CA \ 216B2A29E62A00CE820146D8244141B92511B279
  2. CertPlus Class 3 Primary CA \ D2EDF88B41B6FE01461D6E2834EC7C8F6C77721E
  3. CertPlus Class 3TS Primary CA \ F44095C238AC73FC4F77BF8F98DF70F8F091BC52

Re: CertPlus Cert expiring

Removing a certificate entirely can be done with the "security certificate delete" command. 

 

Its documentation is located here: 

https://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cm-cmpr-950%2Fsecurity__certificate__delete.html

Re: CertPlus Cert expiring

 
Forums