Community maintenance is complete. Thank you for your patience!

ONTAP Discussions

Problems accessing command-history.log via http

DARREN_REED

Reviewing the Systems Administrators Guide for OnTAP 8.2 (https://library.netapp.com/ecm/ecm_download_file/ECMP1196798), I am working through the checklist of things to allow access to command-history.log files via HTTP.

 

This is covered on pages 42 & 43.

 

mycluster::> system services web show
External Web Services: true
Status: online
HTTP Protocol Port: 80
HTTPs Protocol Port: 443
TLSv1 Enabled: true
SSLv3 Enabled: true
SSLv2 Enabled: false

mycluster::> vserver services web show -vserver mycluster -name spi

Vserver: mycluster
Service Name: spi
Type of Vserver: admin
Version of Web Service: 1.2.0
Description of Web Service: Service Processor Infrastructure
Long Description of Web Service: This service offers HTTP/HTTPs access to applications running on the Service Processor. Log and core files from all nodes in the cluster will be exposed for Service Processor retrieval.
Service Requirements: ontapi=1.0.0, index>1.0.0
Default Authorized Roles: admin
Enabled: true
SSL Only: false


mycluster::> vserver services web access show -vserver mycluster -role admin
Vserver Type Service Name Role
-------------- -------- ---------------- ----------------
mycluster admin ontapi admin
mycluster admin spi admin
2 entries were displayed.

 

mycluster::> security login show -username admin -vserver mycluster -application service-processor

Vserver: mycluster
Authentication Acct
UserName Application Method Role Name Locked
---------------- ----------- -------------- ---------------- ------
admin service-processor
password admin no


mycluster::> security login role show -role admin
Role Command/ Access
Vserver Name Directory Query Level
---------- ------------- --------- ----------------------------------- --------
mycluster admin DEFAULT all

 

$ wget --no-check-certificate https://admin:*@mycluster/spi/myclusterc01/etc/mlog/
--2016-01-25 09:40:43-- https://admin:*password*@mycluster/spi/mycluster01/etc/mlog/
Resolving mycluster... 10....
Connecting to mycluster|10....|:443... connected.
WARNING: cannot verify mycluster▒s certificate, issued by ▒/CN=mycluster.cert/C=US/ST=/L=/O=/OU=/emailAddress=▒:
Self-signed certificate encountered.
WARNING: certificate common name ▒mycluster.cert▒ doesn't match requested host name ▒mycluster▒.
HTTP request sent, awaiting response... 401 Authorization Required
Reusing existing connection to mycluster:443.
HTTP request sent, awaiting response... 403 Forbidden
2016-01-25 09:40:44 ERROR 403: Forbidden.

 

 

... what am I missing?

1 ACCEPTED SOLUTION

georgevj

Seems like there is an error in URL?

wget --no-check-certificate https://admin:*@mycluster/spi/myclusterc01/etc/mlog/

 

this must be wget --no-check-certificate https://admin:*@mycluster/spi/myclusterc01/etc/log/mlog/

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.
Cannot find the answer you need? No need to open a support case - just CHAT and we’ll handle it for you.

View solution in original post

3 REPLIES 3

georgevj

what does this command say?

 

security login show -username admin -vserver mycluster -application http

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.
Cannot find the answer you need? No need to open a support case - just CHAT and we’ll handle it for you.

DARREN_REED

mycluster::> security login show -username admin -vserver mycluster -application http
Vserver: mycluster
Authentication Acct
UserName Application Method Role Name Locked
---------------- ----------- -------------- ---------------- ------
admin http password admin no
 

georgevj

Seems like there is an error in URL?

wget --no-check-certificate https://admin:*@mycluster/spi/myclusterc01/etc/mlog/

 

this must be wget --no-check-certificate https://admin:*@mycluster/spi/myclusterc01/etc/log/mlog/

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.
Cannot find the answer you need? No need to open a support case - just CHAT and we’ll handle it for you.

View solution in original post

Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public