Software Development Kit (SDK) and API Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Software Development Kit (SDK) and API Discussions

Ask a Question

Powershell connect-nacontroller results in "Could not create SSL/TLS secure channel"

LHow
‎2024-10-15 07:31 AM
392 Views

Hello! 

New array deployment here. Former NetApp customer returning and looking to manage some aspects of day to day admin via the Netapp.ONTAP powershell modules. I have been unable to get connected and support suggested posting here.

if (Get-Module -ListAvailable -Name NetApp.ONTAP) {
    Write-Host "NetApp Modules are installed..."
} 
else {
    Write-Host "NetApp Module does not exist....installing now...."
    Install-Module -Name NetApp.ONTAP
}

# Variables
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls13
$NetAppArray='netapp01.domain.com'
$cred=$(Get-Credential)

# Connect to array
Connect-NaController -Name $NetAppArray -Credential $cred -HTTPS

Error as follows:

Connect-NaController : Connection to netapp01.domain.com using HTTPS failed - The request was aborted: Could not create SSL/TLS secure channel.
The error may be resolved by generating a new certificate on the storage controller, with a longer key length.
At O:\Network\Scripts\PowerShell\NetApp.ps1:17 char:1
+ Connect-NaController -Name $NetAppArray -Credential $cred -HTTPS
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidResult: (netapp01.domain.com:NaController) [Connect-NaController], NaConnectionSSLException
+ FullyQualifiedErrorId : HttpConnectionFailed,DataONTAP.PowerShell.SDK.ConnectNaController

 

Things I have tried:

Verified key length is 2048. I have tried forcing TLS 1.2 and 1.3 from powershell. Tried shortname/FQDN/IP. I have used the built-in self signed cert as well as a purchased digicert wildcard. 

 

Some output from the array (run with 'set advanced'):

netapp01::*> security certificate show -fields size -type server                    
vserver common-name serial           ca       type   subtype cert-name                 size 
------- ----------- ---------------- -------- ------ ------- ------------------------- ---- 
netapp01 
        netapp01    0C02639083A3E774E2E1B51125F1BB34 
                                     "DigiCert Global G2 TLS RSA SHA256 2020 CA1" 
                                              server -       netapp01_wildcard2025     2048 
netapp01 
        netapp01    17D48425558215B2 netapp01 server -       netapp01_17D48425558215B2 2048 
4 entries were displayed.

 

netapp01::*> security config show -fields supported-protocols
interface supported-protocols 
--------- ------------------- 
SSL       TLSv1.3,TLSv1.2

Thanks in advance for any ideas.

0 Kudos
Tags (1)
1 ACCEPTED SOLUTION

LHow
‎2024-10-15 08:32 AM
356 Views

Just tried connect-nccontroller and that works, so will proceed with that.

View solution in original post

0 Kudos
1 REPLY 1

LHow
‎2024-10-15 08:32 AM
357 Views

Just tried connect-nccontroller and that works, so will proceed with that.

0 Kudos
All Community Forums
Public