Skip to main content
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.
NetApp Knowledge Base

Conversion of backup on On-prem to AWS S3 over AWS S3 private link from HTTP to HTTPS fails with certificate or connectivity error

Views:
211
Visibility:
Public
Votes:
0
Category:
cloud-manager
Specialty:
core
Last Updated:

Applies to

  • Cloud Manager
  • Backup enable on On-Prem
  • AWS S3
  • AWS S3 Private Link
  • HTTPS
  • Path Style URL
  • Cloud Backup Services (CBS)
  • Intercluster lif in non-default IPspace

Issue

Conversion of Cloud Backup from On-prem to AWS S3 over AWS S3 private link over AWS VPC Endpoint Interface from HTTP to HTTPS fails on ONTAP CLI with certificate or connectivity error

OnPremCluster::*> snapmirror object-store config modify -is-ssl-enabled true -is-certificate-validation-enabled true -object-store-name netapp-backup-15d64678-1bc9-11ec-950d-95d34ca056b5 -port 443
Error: command failed: Failed to modify object store configuration during config modify for Vserver "OnPremCluster", object store "netapp-backup-15d64678-1bc9-11ec-950d-95d34ca056b5". (confirmation needed)


OnPremCluster::*> set -confirmations off

OnPremCluster::*> snapmirror object-store config modify -is-ssl-enabled true -is-certificate-validation-enabled true -object-store-name netapp-backup-15d64678-1bc9-11ec-950d-95d34ca056b5 -port 443
Error: command failed: Failed to modify object store configuration during config modify for Vserver "OnPremCluster", object store "netapp-backup-15d64678-1bc9-11ec-950d-95d34ca056b5". (Cannot verify availability of the object store from node OnPremCluster-01. Reason: Cannot verify the certificate given by the object store server. It is possible that the certificate has not been installed on the cluster. Use the 'security certificate install -type server-ca' command to install it..)

OnPremCluster::*> snapmirror object-store config modify -is-ssl-enabled true -is-certificate-validation-enabled false -object-store-name netapp-backup-15d64678-1bc9-11ec-950d-95d34ca056b5 -port 443
Error: command failed: Failed to modify object store configuration during config modify for Vserver "OnPremCluster", object store "netapp-backup-15d64678-1bc9-11ec-950d-95d34ca056b5". (Certificate validation must be enabled for object store provider AWS_S3.)

OnPremCluster::*> set -confirmations on

Scan to view the article on your device
CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support