NetApp Community Update
This site will enter Read Only mode on July 23 as we prepare to move to a new platform. You will still be able to view content, but posting and replying will be temporarily disabled.
We're excited to launch our new Community experience on July 30 and more information will follow soon.
Stay connected during the transition - Join our Discord community today.

ONTAP Discussions

Cluster client certificate expire /renew

TimJMcCuen
5,409 Views

Hello,

 

I have a question about certificates.    How do i tell which client certificate my netapp cluster / vserver is currently using?  I have two client certificates for it (one expired and one not yet expired)   I thought as long as I had one with a date in the future I would be fine.   I have already corrected this issue for my server certificates.

 

I found out I was using an expired server certificate by running "SSL security show".  Is there a similar command for the "client" certificate?

 

To renew or apply the newer client certificate do I follow the same procedure as for renewing the server certificate just replacing server in the command with client?  Then do a ssl modify -vserver netapp1 -client-enabled true?

 

Thanks.   

2 REPLIES 2

hmoubara
5,337 Views

Hello,

 

You should be able to use the command below to check expiration on security certificate:

cluster::> security certificate show -type <client/client-ca> -instance

 

As for the installation for the certificate, check the below link Starting P.383:

https://docs.netapp.com/us-en/ontap/pdfs/fullsite-sidebar/ONTAP_9_Documentation.pdf

 

Thanks 

 

Ashun
3,700 Views
Public