Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi.
Our organization uses wildcard SSL certs (from godaddy) on all of our internal and external servers. All servers share the cert file and the private key. On our previous filer (FAS270, ontap 7.1) I was able to copy the files into /etc/keymgr/cert/secureadmin.key and /etc/keymgr/key/secureadmin.pem and things just worked. I can't get our new FAS2020 (ontap 7.3.5.1) to do that. When I enable secureadmin ssl, I just get the error
"[shfiler: httpd.socket.listener.create:error]: HTTPS Initialization failure; could not create listener socket."
I notice that when I run secureadmin setup ssl, it creates an encrypted key in keymgr/key/secureadmin.pem but I have no idea what it uses for the passphrase. Do I need to encrypt my key for the filer to accept it?
Thanks,
-Josh
Solved! See The Solution
1 ACCEPTED SOLUTION
jmalone has accepted the solution
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Naturally, as soon as I post the question, I solve the problem.
It seems that simply running 'secureadmin setup ssl' does whatever the voodoo is needed to get SSL working. After running that and generating a self-signed cert, I'm able to replace the files with the ones from my CA, restart secureadmin ssl and everything is happy. Sorry for the noise post.
-Josh
1 REPLY 1
jmalone has accepted the solution
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Naturally, as soon as I post the question, I solve the problem.
It seems that simply running 'secureadmin setup ssl' does whatever the voodoo is needed to get SSL working. After running that and generating a self-signed cert, I'm able to replace the files with the ones from my CA, restart secureadmin ssl and everything is happy. Sorry for the noise post.
-Josh
