You are not.

A customer of mine is facing the same...er...challenge.

Please open a case, I will let them do the same.

Rumor has it, that NetApp is aware of the issue and are actively working on a resolution.
As a workaround please download the PSTK from the support page (<https://mysupport.netapp.com/site/tools/tool-eula/ontap-powershell-toolkit>), don't use the MS PowerShell gallery version.

Thanks, psx.

But, we had already tried the version from the support page in addition to the PowerShell Gallery version. Tried 9.15 as well....
We'll await notification from the devs that this is done.  But man, if they're going to let these expire, releasing current code with a cert expiration that's looming is a big miss on their part, QA-wise.

Hi Kevin,

just back from testing the support page version, and you are correct, of course. The certificate is the same expired one.

Let's hope for a quick fix.

I agree that one can 'get' the PSTK files from the support site, but alas, as of now it is still signed using the cert that expired on 10/13/2024. 

We opened a support case yesterday, and escalated it today (because, surprise surprise, despite it being a P2 by 13:45 ET today we'd rec'd zero response).  After escalation, we were told the PSTK development team was made aware and it had eyes on it.

Given that this is essentially and easy fix (generate a new cert; sign the code with it; upload the new versions to the Support Site and PowerShell Gallery), we expect tomorrow. 🤞

Great to hear! Thanks for jumping on this, fingers crossed for an update tomorrow. 

Typically this breaks when you're working in an environment that enforces code signing (if you're not, you oughta be looking into that...).  PS tools are widely available, and to consider that malicious code could sneak into a public download is hardly outside the realm of possibility in this day and age.

What makes this problem worse is that the certificate that signed 9.14, and previous versions, is currently expired on the repository and did not include a timestamp server, so rolling back to any previous version is not possible unless you have your Execution Policy set to Unrestricted, which will ignore issue code-signing issues. The current guidance provided by NetApp regarding the expired code-signing certificate is to ignore code-signing with the Unrestricted policy, or download the code from NetApp support, however NetApp support only provides the latest 9.15 version containing the transient flag bug. Our company enforces code-signing, so setting the Execution Policy to Unrestricted is not an option.

Hey NetApp, next time you code-sign something, include a timestamp server, so the signature is not invalidated when your code signing certificate expires, since the timestamp server proves the signature was created when the certificate was valid, thus the signature stays valid even after the code-signing certificate expires.

I worked around this by downloading the nuget 'nupkg' file for the 9.14.1.2401 version from the manual tab on the repository page, which is just a renamed .zip file. I extraced everything to "C:\Program Files\WindowsPowerShell\Modules\NetApp.ONTAP\9.14.1.2401", minus the nuget specific folders: package, webhelp, webhelp.C, and _rels. I also did not extract the [Content_Types].xml file.

Hello, is there a way to download old version - 9.10.1.2111?

I need old version because it is last version which working with my scripts since Netapp (to my annoyance) changed commands and many does not work without some special switches such as -ONTAPI or -ZAPICALL or such (I don’t remember exactly).

I have thousands of lines of automation which I will be throwing out later (probably resigning my position also, because without this automation I am unable to manage 150+ systems)

We'll provide the new release for 9.10.1.2111 also

When can we expect powershell gallery to be updated ?

Additionally, i would not consider this issue "fixed", when the public powershell gallery download part is not yet fixed...