ONTAP Discussions

security certificate install

ChrisV1
7,023 Views
Hello, following the procedure in the documentation for installing a certificate to a cluster, the certificate appears to be installed when running the code, but when checking on the storage for the certificate, it is in fact not installed.

https://library.netapp.com/ecmdocs/ECMLP2858435/html/resources/security_certificate.html#netapp_ontap.resources.security_certificate.SecurityCertifica...

As you can see, the running code is the same as in the documentation:

from netapp_ontap import HostConnection
from netapp_ontap.resources import SecurityCertificate
from netapp_ontap import NetAppResponse
from netapp_ontap.error import NetAppRestError
from netapp_ontap.resources import svm

with HostConnection(host="xxxxx", username="xxxxx", password="xxxxx", verify=False):
    resource = SecurityCertificate()
    resource.type = 'server_ca'
    resource.scope = 'cluster'
    resource.public_certificate = (
        '-----BEGIN CERTIFICATE-----'
        'xxxxxxxxxxxxxcertxxxxxxxxxx'
        '-----END CERTIFICATE-----'
    )
    resource.post#(hydrate=True)

RobertBlackhart
7,016 Views

This example script might help you: https://github.com/NetApp/ontap-rest-python/blob/master/examples/python_client_library/cert_auth.py

It goes through a complete workflow of creating, installing, and using certificate authentication.

ChrisV1
6,956 Views
Hi, sorry but it doesn't. What I need is just installing a server_ca cert, which is described in the official documentation in the link I provided, and the code that is run is identical to the one from the documentation. Unfortunately it is not working and the certificate is not created on the storage.

RobertBlackhart
6,942 Views

"not working" is not giving me enough information to give more specific help.

You might want to enable debug logging on your script so that you can verify the HTTP request and responses that are sent/received. There might be additional information there that will help you. Here are details about how to do that: https://library.netapp.com/ecmdocs/ECMLP2879970/html/index.html#log_all_api_calls-flag

ChrisV1
6,934 Views
Thanks for the reply. At this point I tend to believe that the procedure in the documentation is just wrong and that is just not the way you install a server_ca certificate on the cluster, as the logging and debugging options you mentioned do not make any output with that script. When I try them in a different script, they work and do make logging output.

Also, to be clear, I'm mentioning again, this is not my script; it is the script from the NetApp documentation, copy-pasted, with just the info in the connection part and the certificate replaced.


import logging
from netapp_ontap import HostConnection, utils, config
from netapp_ontap.resources import SecurityCertificate
from netapp_ontap.resource import Resource, ResourceSchema, ImpreciseDateTime, Size
from netapp_ontap import NetAppResponse
from netapp_ontap.error import NetAppRestError
from netapp_ontap.resources import svm
import pprint

logging.basicConfig(level=logging.DEBUG)
config.CONNECTION = HostConnection('', username='', password='', verify=False)
utils.LOG_ALL_API_CALLS = 1
resource = SecurityCertificate()
resource.type = 'server_ca'
resource.public_certificate = (
'-----BEGIN CERTIFICATE-----'

'-----END CERTIFICATE-----'
)
resource.post#(hydrate=True)

RobertBlackhart
6,930 Views

I assumed it was a typo or copy/paste problem before, but do you really have a "#" character in the last line of your script? If you do, that would be the issue because that is commenting out the actual function call and so no request would be sent. I don't see that present in the documentation you linked to.

ChrisV1
6,868 Views
Yes, it was a typo and I forgot to put it on a new line, as I don't need to use the hydrate function. When the hydrate function is there I get one of the following errors, as you can see in the picture: invalid format of certificate, or server_ca is not one of the following: client, server, root_ca, server_ca. And if I remove the hydrate, the script finishes with no errors and the output shows the CA as created, but it is not present on the storage.

RobertBlackhart
6,856 Views

Hydrate isn't a function on its own. I want to make sure we're saying the same thing here. The final line of your script should look like this:

resource.post()

Is that what it looks like to you? You mentioned "as you can see in the picture", but I cannot see any picture attached to this thread.

ChrisV1
6,853 Views
Yes, that's how it looks with resource.post(). I tried attaching a picture to my last reply but it seems I'm not allowed to. Also, I'm only able to reply to the thread or your post via email, but not on the website; that doesn't work, the post reply button is grayed out with a denied icon over the mouse pointer 🙂

RobertBlackhart
6,850 Views

OK. I'm having a bit of a difficult time understanding how your code isn't making any API calls if your script ends with resource.post(). Perhaps you could post your code and output with debugging enabled to something like a GitHub gist and provide the link? https://gist.github.com/

ChrisV1
6,850 Views
I have redacted only the cert a bit in the output posted on GitHub. Here is the link:
https://gist.github.com/CrisV1/cfca6f2e1cc12b214aac98bec149f47b

RobertBlackhart
6,847 Views

Thanks for providing that. So the issue is that there is a formatting problem with your certificate which is what the server responded with. That's why after the call it's not present on the cluster.

It looks like your certificate string is missing line breaks encoded in the string. Try adding a \n to the end of each line of the string.
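
The line-break fix from the reply above, as an added example that is not part of the original thread or NetApp's documentation: it rebuilds a certificate string that was concatenated without "\n" into PEM with a line break after every line, and rejects input that is not base64-encoded DER. The names `normalize_pem` and `has_pem_line_breaks` and the sample bytes are constructed for illustration.

```python
import base64
import binascii
import re

BEGIN = "-----BEGIN CERTIFICATE-----"
END = "-----END CERTIFICATE-----"
_PEM_RE = re.compile(re.escape(BEGIN) + r"(.*?)" + re.escape(END), re.DOTALL)


def has_pem_line_breaks(text: str) -> bool:
    """True when header, base64 body and footer sit on separate lines of <= 64 chars."""
    lines = text.strip().splitlines()
    return (
        len(lines) >= 3
        and lines[0] == BEGIN
        and lines[-1] == END
        and all(0 < len(line) <= 64 for line in lines[1:-1])
    )


def normalize_pem(text: str) -> str:
    """Rebuild a certificate string as PEM with a line break after every line.

    Raises ValueError if the markers are missing or the body is not base64 DER.
    """
    match = _PEM_RE.search(text)
    if match is None:
        raise ValueError("BEGIN/END CERTIFICATE markers not found")
    body = "".join(match.group(1).split())  # drop spaces and stray newlines
    try:
        der = base64.b64decode(body, validate=True)
    except binascii.Error as exc:
        raise ValueError(f"body is not valid base64: {exc}") from exc
    if not der.startswith(b"\x30"):  # an X.509 certificate is a DER SEQUENCE
        raise ValueError("decoded body is not a DER SEQUENCE")
    b64 = base64.b64encode(der).decode("ascii")
    wrapped = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "\n".join([BEGIN, *wrapped, END]) + "\n"


# Constructed placeholder bytes (not a real certificate), joined the way the
# scripts in this thread join them: adjacent literals with no "\n" between lines.
_SAMPLE_B64 = base64.b64encode(bytes([0x30, 0x60]) + bytes(range(96))).decode("ascii")
BROKEN = BEGIN + _SAMPLE_B64 + END
FIXED = normalize_pem(BROKEN)

if __name__ == "__main__":
    print(has_pem_line_breaks(BROKEN), has_pem_line_breaks(FIXED))
    print(FIXED, end="")
    # With the client library from the thread (not run here):
    #   resource.public_certificate = normalize_pem(BROKEN)
    #   resource.post()
```

Running the check before `resource.post()` catches the malformed string locally instead of relying on the server's error response.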

ChrisV1
6,838 Views
It is funny, as I had already tried your suggestion when I ran code to get all fields from an already installed certificate and noticed that the installed certificates have a '\n' at the end of each line, but the script failed even with that. But now when I tried again it worked... for some reason. I will mark your suggestion as an accepted solution and I will point out again, as I thought initially, that the procedure in NetApp's documentation is wrong (incomplete) and caused this issue in the first place, as the example there is without '\n' at the end of the cert lines.

Thank you for the help.