Legacy Product Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Legacy Product Discussions

Ask a Question

Can't start Filerview (3140)

bobby_gillette
‎2011-01-12 06:55 AM
6,710 Views

When I try to open Filerview using https://.../na_admin I get can't open. I'm thinking I need to regenerate keys using keymgr, just don't have any experience doing so. Any help would be appreciated!

0 Kudos
View By:
1 ACCEPTED SOLUTION

ekashpureff
‎2011-01-12 07:14 AM
6,710 Views

You need to use the 'secureadmin' command to set up ssl.

secureadmin setup [ -f ] [ -q ] ssl configures the SSL server. The administrator needs to specify the distinguished name (DN) for the appliance.

The process generates a Certificate Signing Request (CSR) and a temporary self-signed certificate. The CSR,    located    in     /etc/keymgr/csr/secureadmin_tmp.pem, can optionally be submitted to a Certificate Authority (CA) for signing. The selfsigned certificate allows the SSL server to work without submitting the CSR to a CA. However, the browser may issue a security warning that the appliance's identity cannot be verified. In the US, the administrator can specify the key strengths of 512, 1024, 1536, or 2048. Otherwise it is set to 512.

The -f flag forces setup to run even if the SSL server has already been configured.

The
-q flag is the non-interactive mode for setting up SSL. The format for this command looks like "secureadmin setup -q ssl domestic<t/f> country state locality org unit fqdn email [keylen] [days until expires]


I hope this response has been helpful to you.

At your service,


Eugene E. Kashpureff
ekashp@kashpureff.org
Senior Systems Architect / NetApp Certified Instructor
http://www.linkedin.com/in/eugenekashpureff

(P.S. I appreciate points for helpful or correct answers.)

View solution in original post

0 Kudos
3 REPLIES 3

ekashpureff
‎2011-01-12 07:14 AM
6,711 Views

You need to use the 'secureadmin' command to set up ssl.

secureadmin setup [ -f ] [ -q ] ssl configures the SSL server. The administrator needs to specify the distinguished name (DN) for the appliance.

The process generates a Certificate Signing Request (CSR) and a temporary self-signed certificate. The CSR,    located    in     /etc/keymgr/csr/secureadmin_tmp.pem, can optionally be submitted to a Certificate Authority (CA) for signing. The selfsigned certificate allows the SSL server to work without submitting the CSR to a CA. However, the browser may issue a security warning that the appliance's identity cannot be verified. In the US, the administrator can specify the key strengths of 512, 1024, 1536, or 2048. Otherwise it is set to 512.

The -f flag forces setup to run even if the SSL server has already been configured.

The
-q flag is the non-interactive mode for setting up SSL. The format for this command looks like "secureadmin setup -q ssl domestic<t/f> country state locality org unit fqdn email [keylen] [days until expires]


I hope this response has been helpful to you.

At your service,


Eugene E. Kashpureff
ekashp@kashpureff.org
Senior Systems Architect / NetApp Certified Instructor
http://www.linkedin.com/in/eugenekashpureff

(P.S. I appreciate points for helpful or correct answers.)

0 Kudos

bobby_gillette
‎2011-01-12 09:25 AM
In response to ekashpureff
6,710 Views

Thank you Eugene, exactly what I needed! Now to find where I assign points ...

0 Kudos

marty_harris
‎2012-11-01 11:09 AM
In response to ekashpureff
6,710 Views

Hi Eugene,

Any chance you could tell me what the 'domestic' option does on the secureadmin -q ssl command line?

-q flag is the non-interactive mode for setting up SSL. The format for this command looks like "secureadmin setup -q ssl domestic<t/f> country state locality org unit fqdn email [keylen] [days until expires]

Thanks!

0 Kudos
All Community Forums
Public