ONTAP Discussions

CertPlus Cert expiring

CourtneyPeel
Spoiler
Hi 

I received the following alert mgmtgwd.certificate.expiring: A digital certificate with Fully Qualified Domain Name (FQDN) Class2PrimaryCA, Serial Number 85BD4BF3D8DAE369F694D75FC3A54423, Certificate Authority 'Class 2 Primary CA' and type server-ca for Vserver..

The CertPlus cert is expiring shortly can I remove this cert to suppress the alerts as we use an internal CA?
1 ACCEPTED SOLUTION

donny_lang

Removing a certificate entirely can be done with the "security certificate delete" command. 

 

Its documentation is located here: 

https://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cm-cmpr-950%2Fsecurity__certificate__delete.html

View solution in original post

4 REPLIES 4

CourtneyPeel

Hi 

 

Thank you for the links, the Certplus root CA is expiring and does not seem to be renewing it is possible to remove this cert? 

MS is removing these from in an upcoming update:

 

This release will disable the following roots (Root Certificate \ SHA-1 Thumbprint):

  1. CertPlus Class 3P Primary CA \ 216B2A29E62A00CE820146D8244141B92511B279
  2. CertPlus Class 3 Primary CA \ D2EDF88B41B6FE01461D6E2834EC7C8F6C77721E
  3. CertPlus Class 3TS Primary CA \ F44095C238AC73FC4F77BF8F98DF70F8F091BC52

Yo-Soon
 

donny_lang

Removing a certificate entirely can be done with the "security certificate delete" command. 

 

Its documentation is located here: 

https://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cm-cmpr-950%2Fsecurity__certificate__delete.html

View solution in original post

Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public