Microsoft Virtualization Discussions

"The expression is missing a value" with Set-NcSecuritySsl/Get-NcSecuritySsl and ONTAP 9.x

mcgue
7,176 Views

I have a script that I have used these two cmdlets without issue on any 8.2/8.3 flavor I've tested.  Now testing against 9.x I get this error with other of these cmdlets.  I was able to resolve for the "Get" by changing the -vserver parameter to using -vservercontext instead.  Why would the new OS version require that difference?  Regarding the "Set" cmdlet, regardless of passing values for every parameter accepted by that cmdlet I still get this error and now way around it.  Any ideas on the difference in ONTAP 9 that might be causing this?  I've tested against multiple 9.0x and 9.1x systems and getting the same results.  

1 ACCEPTED SOLUTION

asulliva
6,722 Views

Hello @mcgue,

 

This appears to be a bug in the PSTK.  I'm able to do modifications by executing ZAPI directly from PowerShell...for example:

 

Invoke-NcSystemApi -VserverContext $svmName "<security-ssl-modify><client-authentication-enabled>false</client-authentication-enabled></security-ssl-modify>"

As a workaround, it should be relatively straightforwad to create a custom PowerShell function to wrap creating the ZAPI request for this.

 

I'll create a new bug for this issue.  I'm happy to pay you in NetApp stickers (if you're not already innundated) for finding it : )

 

Andrew

If this post resolved your issue, please help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

View solution in original post

9 REPLIES 9

Marius
6,743 Views

Hi,

 

do you have any update to this problem? I have the same one with the set-NcSecuritySsl Command in Ontap 9.1.

 

Regards,

Marius

asulliva
6,723 Views

Hello @mcgue,

 

This appears to be a bug in the PSTK.  I'm able to do modifications by executing ZAPI directly from PowerShell...for example:

 

Invoke-NcSystemApi -VserverContext $svmName "<security-ssl-modify><client-authentication-enabled>false</client-authentication-enabled></security-ssl-modify>"

As a workaround, it should be relatively straightforwad to create a custom PowerShell function to wrap creating the ZAPI request for this.

 

I'll create a new bug for this issue.  I'm happy to pay you in NetApp stickers (if you're not already innundated) for finding it : )

 

Andrew

If this post resolved your issue, please help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

mcgue
6,695 Views

Thanks Andrew!  I appreciate the syntax as well for the invoke API cmdlet as I hadn't used that yet.  I'll craft that as a workaround.  Good stuff!

hland
6,558 Views

i Andrew,

 

did you ever found the time to file the bug (as I couldn't find it)? If not, I'll go ahead and do it so this can be fixed. Just ran into this as well...

 

Thanks

 

Hendrik

mirko
6,491 Views

$Request = @"
<security-ssl-modify>
<certificate-authority>$CA</certificate-authority>
<certificate-serial-number>$Serial</certificate-serial-number>
<common-name>$CN</common-name>
<server-authentication-enabled>true</server-authentication-enabled>
<vserver>$VserverName</vserver>
</security-ssl-modify>
"@
Invoke-NcSystemApi -VserverContext $VserverName -Request $Request

 

This worked for me

 

+1 to file a burt

Girton
5,723 Views

Mirko,

 

Thank you for your script code.  It was very useful.

 

Dan

mcgue
6,479 Views

ronaldmajor
5,316 Views

Has the bug with Set-NcSecuritySsl been fixed? I still see the issue in PSTK 4.4.

The workaround works nicely though. Thanks for that.

 

asulliva
5,251 Views

Hello @ronaldmajor,

 

The bug id is 1074255, it appears to still be open.

 

Hope that helps.

 

Andrew

If this post resolved your issue, please help others by selecting ACCEPT AS SOLUTION or adding a KUDO.
Public