ONTAP Discussions

Trusted Certificate Authorities - admin - Expired

MooreCE

In ONTAP 9.13.1, in the Trusted Certificate Authorities, one of them is named "admin." I vaguely understand this to be a built-in cert, but it's expired. The scope is at the cluster level, so I'm wondering what the implications are. Just doing a CSR for a CA-signed cert titled "admin" doesn't seem like best practice; but I was also led to believe that this principle may be tied to some critical components of the NetApp. That may be a misnomer given that the name is "admin" which is also the name of the local account. I could use some clarity on this; I'm a bit new to engineering NetApp.

NOTE: Our NetApp is part of an air-gapped network.

chamfer

@MooreCE,

From testing, the Trusted Certificate Authority "admin" that has the Scope of "Cluster" and Type "Client CA" is created when an ONTAP cluster is connected to NetApp Active IQ Unified Manager.

If you do delete it, then you just need to go through a reissue of the certificate from Unified Manager to connect to the NetApp ONTAP array; otherwise the ONTAP array will show as not connected in Unified Manager.

This is all within an air-gapped network also.
