Skip to main content
NetApp Knowledge Base

AIQUM fails to add new ONTAP cluster or discover previously added clusters due to expired AIQUM HTTPS certificate

  1. Last updated
  2. Save as PDF
Views:
15,113
Visibility:
Public
Votes:
7
Category:
active-iq-unified-manager
Specialty:
om
Last Updated:

Applies to

  • Active IQ Unified Manager (AIQUM) 9.x
  • ONTAP 9.x

Issue

  • DASHBOARD in AIQUM displays following message:

Cluster discovery failed. Rediscover the cluster after resolving the issue.

  • Error appears when attempting to add ONTAP cluster to AIQUM

Unable to add cluster data source. The certificate has expired.

Unable to add cluster data source. This can occur if the clocks on the systems are not synchronized and the Unified Manager HTTPS certificate start date is later than the date on the cluster, or if the cluster has reached the maximum number of EMS notification destinations.

  • ONTAP shows expired server-ca certificates from AIQUM
  • Cluster discovery fails even after renewal of the server-ca certificate from AIQUM GUI
  • On the cluster on the node currently hosting the cluster management LIF, the mlog\audit.log shows an error similar to this:

[kern_audit:info:1948] 8XXXXXXXXXXXXXX :: test-cluster-01:ontapi :: 10.255.111.111:59999 :: test-cluster-01:ocum :: security-certificate-install :: Error: The certificate has expired.

  • ocumserver.log:

Failed to add the datasource
com.onaro.commons.exception.ConfigurationException: Server returned HTTP status 500.HTTP error message :{"timestamp":"2025-08-05T09:45:07.721+00:00","status":500,"error":"Internal Server Error","path":"/acquisition-api/server/datasource"}

  • jboss/server_acq.log :

ERROR [common-pool-3443] c.o.s.a.d.n.t.z.ZAPIConnection (ZAPIConnection.java:444) - [netappfoundation] <cluster_IP> - Communication problem with the cluster: <cluster_IP>, command: system-get-version, error: 'Received fatal alert: certificate_expired' on try 5 out of 5

  • acquisiton/au.log:

c.n.u.RestUtil (RestUtil.java:175) - Error while getting socket factory java.security.KeyStoreException: Cannot store non-PrivateKeys

...

SSL handshake error on system-get-version try 5 out of 5, Received fatal alert: certificate_expired javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_expired

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.