Updated to 1.1 with some additional prompts prior to recreating certificates.

Updated version to 1.2 to resolve issue with ONTAP 9 and enahancing the checks for self-signed certificates. 

Excellent work, thank you!

Hi

Trying to test this at the moment but i getting the following error on the following lines -

You cannot call a method on a null-valued expression.
At line:302 char:9
+         $GetCertificateResults = $GetCertificateResults.ToString()

and

You cannot call a method on a null-valued expression.
At line:304 char:13
+         If ($GetCertificateResults.contains($SerialNumber)) {

Do you have any ideas ?

Thanks

===============

===============

===============

Edit Ignore This - redownloaded the file and the formatting was fixed.

Sorry I wasn't able to respond earlier.  I saw your edit - are you OK now? 

Getting the same errors as EHooper, unfortunately a redownload didn't correct the issue for me. Any ideas on what could be causing the errors?

You cannot call a method on a null-valued expression.
At C:\Users\REDACTED\Downloads\RiskResolverCertificate.ps1:308 char:9
+         $GetCertificateResults = $GetCertificateResults.ToString()
+         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull
 
You cannot call a method on a null-valued expression.
At C:\Users\REDACTED\Downloads\RiskResolverCertificate.ps1:310 char:13
+         If ($GetCertificateResults.contains($SerialNumber)) {
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull

That set of results are achieved from an "Invoke-NcSsh" cmdlet.  Starting in the most recent versions of the NetApp PowerShell Toolkit, Putty version 0.70 is required to run SSH commands.  It isn't exactly clear in the installer, but talks about it in the FAQ.  Can you install that verison of Putty and ensure it is in your path and then attempt the script again?  

Hi

You get this error if you open the text file first then then copy it into powershell or ISE. The reason for this is the the line that is below

"#sleep between invoke SSH runs to ensure ONTAP is ready"

is all bunched up into one line and then the varible will be null because it wont run. When you open the file in ISE originally you will see it like this

Line 1 #Only return if shows as self-signed, had to reduce fields for ONTAP to return successfully

Line 2 #$GetCertificateCommand = "security certificate show -common-name $CommonName -serial $SerialNumber -ca $CertificateAuthority -type  $Type -size $Size -start $StartDateDT -expiration $ExpirationDateDT -public-cert $PublicCertificate -country $Country -state $State -locality $Locality -organization $Organization -unit $OrganizationUnit -email-addr $EmailAddress -protocol $Protocol -hash-function $HashFunction -self-signed true"       

Line 3 - $GetCertificateCommand = "security certificate show -common-name $CommonName -serial $SerialNumber -ca $CertificateAuthority -type  $Type -protocol $Protocol -hash-function $HashFunction -self-signed true"

Line - 4 $GetCertificateResults = Invoke-NcSsh $GetCertificateCommand

Line - 5 $GetCertificateResults = $GetCertificateResults.ToString()

Also MCGUE

i noticed that there was an error on the following line in your original script -

#The script will now check if the current cerificate is node specific
            If (($NumberOfNodes -ne 1 -and $Nodes -contains $Vserver) -or ($NumberOfNodes -eq 1 -and $Nodes.Node -eq $Vserver)) {

I had to change it to

#The script will now check if the current cerificate is node specific
            If (($NumberOfNodes -ne 1 -and $Nodes.node -contains $Vserver) -or ($NumberOfNodes -eq 1 -and $Nodes.Node -eq $Vserver)) {

If the .node isnt added it wont pick up the node names when you have multiple nodes. I tested both ways and .nodes wwas the only one that made it work.