ONTAP Discussions

CertPlus Cert expiring

CourtneyPeel
3,492 Views
Spoiler
Hi 

I received the following alert mgmtgwd.certificate.expiring: A digital certificate with Fully Qualified Domain Name (FQDN) Class2PrimaryCA, Serial Number 85BD4BF3D8DAE369F694D75FC3A54423, Certificate Authority 'Class 2 Primary CA' and type server-ca for Vserver..

The CertPlus cert is expiring shortly can I remove this cert to suppress the alerts as we use an internal CA?
1 ACCEPTED SOLUTION

donny_lang
3,222 Views

Removing a certificate entirely can be done with the "security certificate delete" command. 

 

Its documentation is located here: 

https://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cm-cmpr-950%2Fsecurity__certificate__delete.html

View solution in original post

4 REPLIES 4

CourtneyPeel
3,363 Views

Hi 

 

Thank you for the links, the Certplus root CA is expiring and does not seem to be renewing it is possible to remove this cert? 

MS is removing these from in an upcoming update:

 

This release will disable the following roots (Root Certificate \ SHA-1 Thumbprint):

  1. CertPlus Class 3P Primary CA \ 216B2A29E62A00CE820146D8244141B92511B279
  2. CertPlus Class 3 Primary CA \ D2EDF88B41B6FE01461D6E2834EC7C8F6C77721E
  3. CertPlus Class 3TS Primary CA \ F44095C238AC73FC4F77BF8F98DF70F8F091BC52

donny_lang
3,223 Views

Removing a certificate entirely can be done with the "security certificate delete" command. 

 

Its documentation is located here: 

https://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cm-cmpr-950%2Fsecurity__certificate__delete.html

Yo-Soon
3,077 Views
 
Public