Microsoft Virtualization Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Microsoft Virtualization Discussions

Ask a Question

Expired certificates causing NetApp.ONTAP PSTK 9.13.1 install to fail

KevinMDavis
‎2024-10-15 12:53 PM
4,995 Views

We are moving a Workday environment and it's dependent upon using the PSTK commandlets for all user provisioning, onboarding and offboarding. PS v. 5.1, PSTK 9.13.1. 
We cannot install any version without hitting the same error.  It appears all the PSTK downloads are shipping with expired certs.  The certs expired 2 days ago on 10/13:
certs-expirted.png

 

PS C:\Windows\system32> install-module Netapp.Ontap -force -scope AllUsers

PackageManagement\Install-Package : The module 'NetApp.ONTAP' cannot be installed or updated because the authenticode

signature of the file 'NetApp.ONTAP.psd1' is not valid.

At C:\Program Files (x86)\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PSModule.psm1:1809 char:21

+ ... $null = PackageManagement\Install-Package @PSBoundParameters

+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+ CategoryInfo : InvalidOperation: (Microsoft.Power....InstallPackage:InstallPackage) [Install-Package],

Exception

+ FullyQualifiedErrorId : InvalidAuthenticodeSignature,ValidateAndGet-AuthenticodeSignature,Microsoft.PowerShell.P

ackageManagement.Cmdlets.InstallPackage

Failed to install or import required PSModules The following error occurred while loading the extended type data file: , C:\Program Files (x86)\WindowsPowerShell\Modules\NetApp.ONTAP\9.13.1.2306\DataONTAP.Type.ps1xml: The file was skipped because of the following validation exception: File C:\Program Files (x86)\WindowsPowerShell\Modules\NetApp.ONTAP\9.13.1.2306\DataONTAP.Type.ps1xml cannot be loaded. A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file..

, C:\Program Files (x86)\WindowsPowerShell\Modules\NetApp.ONTAP\9.13.1.2306\DataONTAP.C.Type.ps1xml: The file was skipped because of the following validation exception: File C:\Program Files (x86)\WindowsPowerShell\Modules\NetApp.ONTAP\9.13.1.2306\DataONTAP.C.Type.ps1xml cannot be loaded. A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file..

View By:
Tags (1)
1 ACCEPTED SOLUTION

saharsh
NetApp
‎2024-10-17 03:59 PM
4,394 Views

Hi Team,
The certificate on Toolchest has been renewed, and the toolkit is now functioning properly. We kindly invite you to download it from the link below.

 

https://mysupport.netapp.com/site/tools/tool-eula/ontap-powershell-toolkit/download


Additionally, we will be addressing this issue on the PowerShell Gallery as well.

Thank you for your understanding.

 

View solution in original post

0 Kudos
30 REPLIES 30

saharsh
NetApp
‎2024-10-18 02:43 AM
In response to MartinKøhrsen
1,123 Views

Now it is available on PowerShell toolkit also 
https://www.powershellgallery.com/packages/NetApp.ONTAP/9.15.1.2410

0 Kudos

brnosanse
‎2024-10-18 02:58 AM
In response to saharsh
1,070 Views

I guess older versions will not get available?

Is there anything I can do - so I do not need to change all the existing code with -ONTAPI or -ZAPICALL or such (I don’t remember exactly)?
This is just disaster...

well, another "bullet" for one of the big customers (150+ netapp systems), no one going to be happy to hear automation does not work anymore...

saharsh
NetApp
‎2024-10-18 03:11 AM
In response to brnosanse
849 Views

You can still run the old version of PSTK by following step:

1. Open PowerShell in administrator mode 

2. Run command Set-ExecutionPolicy Unrestricted

0 Kudos

brnosanse
‎2024-10-18 03:37 AM
In response to saharsh
846 Views

hello, it does not work for
Install-Module -Name NetApp.ONTAP -RequiredVersion 9.10.1.2111

and I do not know where else I can download that old version

MartinKøhrsen
a month ago
In response to brnosanse
804 Views

i didnt manage to install one of the older version after only setting `Set-ExecutionPolicy Unrestricted`, still got the authenticode error.

 

`Install-Module -Name NetApp.ONTAP -Scope AllUsers -RequiredVersion '9.14.1.2401' -Force -Repository PSGallery -SkipPublisherCheck`

 

Hope it helps

KevinMDavis
a month ago
In response to saharsh
765 Views

Set-ExecutionPolicy does not override systemwide GPOs that enforce code signing, AFAIK.

0 Kudos

saharsh
NetApp
a month ago
In response to brnosanse
806 Views

Hi we'll provide the new release for 9.10.1.2111 also

0 Kudos

KevinMDavis
a month ago
In response to saharsh
765 Views

If I were a customer with hundreds or thousands of lines of code that depends on working versions (AHEM...), I would fully expect that the new certs would be applied to every version available for download.
C'mon NetApp devs...applying new certs to the older versions and replacing the ones available with unexpired certs is... not difficult.

saharsh
NetApp
a month ago
In response to KevinMDavis
760 Views

For the default REST behavior, please use version 9.15.1.2410, which is backward compatible with all versions that have the default REST behavior.
We are currently signing the version with the default ZAPI behavior, specifically 9.10.2111

All Community Forums
Public