How to Install a Enterprise/Public CA SSL Certificate on a Clustered NetApp Web UI
Installing a valid SSL certificate on a Clustered NetApp is a relatively straightforward task once you understand the commands. The key takeaway pointers are to already have your certificate and the complete certificate chain available. Quite often you may not have the RootCA certificate and will need to obtain that prior to installing your certificate on the NetApp.
How it works:
The basics of what commands are needed on the NetApp Cluster are as follows:- set -privilege advanced
- security certificate show
- Copy $VServer_Name name and $SerialNumber
- security certificate delete -vserver $VServer_Name -common-name $VServer_Name -ca $VServer_Name -type server -serial $SerialNumber
- To just remove all SSL certificates for a Vserver: security certificate delete -vserver $VServer_Name
- security certificate install -type server
- Paste contents of F.Q.D.N.cer
- Paste contents of F.Q.D.N.key
- Paste contents of CA-Intermediate.cer
- Paste contents of CA-Root.cer
- security certificate show
- Copy $VServer_Name name, $SerialNumber, and $CA_Name
- security ssl modify -vserver $VServer_Name -server-enabled true -serial $Serial_number -ca "$CA_Name"
- security ssl show
- set -privilege admin
What else?
I have also largely automated creating the script for the above process, you can see my blog post about Automating Enterprise/Public CA SSL Certificate Installation for Clustered NetApp.
Below is a transcript you can follow from start to finish:
Comments
Post a Comment