Cluster client certificate expire /renew

TimJMcCuen · ‎2022-04-11

Hello,

I have a question about certificates. How do i tell which client certificate my netapp cluster / vserver is currently using? I have two client certificates for it (one expired and one not yet expired) I thought as long as I had one with a date in the future I would be fine. I have already corrected this issue for my server certificates.

I found out I was using an expired server certificate by running "SSL security show". Is there a similar command for the "client" certificate?

To renew or apply the newer client certificate do I follow the same procedure as for renewing the server certificate just replacing server in the command with client? Then do a ssl modify -vserver netapp1 -client-enabled true?

Thanks.

hmoubara · ‎2022-04-11

Hello,

You should be able to use the command below to check expiration on security certificate:

cluster::> security certificate show -type <client/client-ca> -instance

As for the installation for the certificate, check the below link Starting P.383:

https://docs.netapp.com/us-en/ontap/pdfs/fullsite-sidebar/ONTAP_9_Documentation.pdf

Thanks

Ashun

hi

This link may be useful

Renew self-signed SSL certificate in ONTAP 9 - Resolution Guide - NetApp Knowledge Base

Cluster client certificate expire /renew

Portfolio Updates | NetApp ONAIR