ONTAP Discussions

Cluster client certificate expire /renew

TimJMcCuen
446 Views

Hello,

 

I have a question about certificates.    How do i tell which client certificate my netapp cluster / vserver is currently using?  I have two client certificates for it (one expired and one not yet expired)   I thought as long as I had one with a date in the future I would be fine.   I have already corrected this issue for my server certificates.

 

I found out I was using an expired server certificate by running "SSL security show".  Is there a similar command for the "client" certificate?

 

To renew or apply the newer client certificate do I follow the same procedure as for renewing the server certificate just replacing server in the command with client?  Then do a ssl modify -vserver netapp1 -client-enabled true?

 

Thanks.   

1 REPLY 1

hmoubara
374 Views

Hello,

 

You should be able to use the command below to check expiration on security certificate:

cluster::> security certificate show -type <client/client-ca> -instance

 

As for the installation for the certificate, check the below link Starting P.383:

https://docs.netapp.com/us-en/ontap/pdfs/fullsite-sidebar/ONTAP_9_Documentation.pdf

 

Thanks 

 

Public