How to Install a Enterprise/Public CA SSL Certificate on a Clustered NetApp Web UI


Installing a valid SSL certificate on a Clustered NetApp is a relatively straightforward task once you understand the commands. The key takeaway pointers are to already have your certificate and the complete certificate chain available. Quite often you may not have the RootCA certificate and will need to obtain that prior to installing your certificate on the NetApp.

How it works:

The basics of what commands are needed on the NetApp Cluster are as follows:
  • set -privilege advanced
  • security certificate show
    • Copy $VServer_Name name and $SerialNumber
  • security certificate delete -vserver $VServer_Name -common-name $VServer_Name -ca $VServer_Name -type server -serial $SerialNumber
    • To just remove all SSL certificates for a Vserver: security certificate delete -vserver $VServer_Name 
  • security certificate install -type server
    • Paste contents of F.Q.D.N.cer
    • Paste contents of F.Q.D.N.key
    • Paste contents of CA-Intermediate.cer
    • Paste contents of CA-Root.cer
  • security certificate show
    • Copy $VServer_Name name, $SerialNumber, and $CA_Name
  • security ssl modify -vserver $VServer_Name -server-enabled true -serial $Serial_number -ca "$CA_Name"
  • security ssl show
  • set -privilege admin

What else?

I have also largely automated creating the script for the above process, you can see my blog post about Automating Enterprise/Public CA SSL Certificate Installation for Clustered NetApp.


Below is a transcript you can follow from start to finish:

Comments

Popular posts from this blog

Sierra Wireless LTE Modem Guide: Automated Flashing of the EM7455/MC7455 with a Ubuntu Linux 18.04 LiveCD

Crossflashing the Dell PERC H200 and H310 to the LSI 9211-8i

Installing OpenWRT/ROOter on a RBM33G/RBM11G