ONTAP Discussions

Import SSL Wildcard Certificate into ONTAP 9.3P2

orametrix

When we 1st installed our filer, the consultant helped us to import a wildcard SSL certificate into ONTAP and bind that certificate to the vserver for system manager, etc.  Well, that wildcard certificate has expired.  I've renewed it, but now I'm trying to figure out the magic for importing the certificate again. 

 

The "typical" process would be to generate a CSR and then have a third party sign it.  That's not what I need to do.  I have a fully formed certificate that I've exported from a Windows server.  There's is no need for a CSR--I've got an exported certificate.  So how do I import this thing into ONTAP?

 

Thanks!

1 REPLY 1

donny_lang

You should be able to install an existing CA-signed SSL cert with the "security certificate install" command, pasting in the cert and private key (and any intermediate/root certs) when prompted to do so. After that, you should be able to see your certificate in the output of the "security certificate show" command. 

 

From there, you can continue the certificate renewal process (delete expired cert, set new cert with "security ssl modify", etc.), specifying your newly imported certificate.

 

"security certificate install" documentation:

https://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cm-cmpr-950%2Fsecurity__certificate__install.html

 

Replacing an expired digital certificate documentation:

https://library.netapp.com/ecmdocs/ECMP1636038/html/GUID-59C84C17-1019-4B54-9824-474576B68D95.html

 

 

Donny

Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public