- ONTAP 9
- NetApp PowerShell Toolkit
ONTAP uses self-signed certificates by default for SSL management access. Those certificates have expiration dates. To stay current with self-signed SSL certificates a recreation/renewal process is needed. This article details one method through the NetApp.ONTAP PowerShell toolkit. There is no downtime required to renew a certificate.
- Connecting to a cluster
- Collecting all existing certificates
- Ensuring the certificate is self-signed
- Creates a new certificate with the same properties as the previous one with a 10 year expiration
- Configures SSL on the SVM to use the new certificate
- Deletes the previous self-signed certificate
|Note: This is a community based script and therefore is supported by the community and not within the NetApp support organization.|
1. Install the NetApp.ONTAP PowerShell Toolkit.
2. Install the NetAppSSLCertificateRenew Script.
3. Follow the syntax and usage as outlined in the help section of the script:
PS C:\> get-help NetAppSSLCertificateRenew -detailed
4. Ensure the current PowerShell Execution Policy allows the running of this script (note: this script is not signed). Consult your system administrator if the PowerShell Execution Policy needs to be changed.
PS C:\> Get-ExecutionPolicy -list
5. Execute the script when ready:
PS C:\> NetAppSSLCertificateRenew