Old client-ca of AIQUM remains after applying workaround for Mutual TLS issue
Applies to
- NetApp Active IQ Unified Manager (AIQUM) 9.12 and later
- ONTAP 9.10 and later
- Enabled Mutual Transport Layer Security (mTLS / Mutual TLS) for ONTAP cluster
Issue
There are multiple AIQUM client-ca certificates on ONTAP after executing the steps for when CERTIFICATE DETAILS is not available in Solution section in Cluster acquisition fails in AIQUM due to expired CA certificate for Mutual TLS communication
cluster1::> security certificate show -type client-ca
Vserver Serial Number Certificate Name Type
---------- --------------- -------------------------------------- ------------
cluster1 1604766BCAD45CB4
admin_1604766BCAD45CB4 client-ca
Certificate Authority: admin
Expiration Date: Mon Sep 08 00:56:36 2025
cluster1 405A1EC0FC028AB2
admin client-ca
Certificate Authority: admin
Expiration Date: Mon Aug 12 13:59:59 2024
cluster1 2DAE2E0DD1AD87A2
workarounduser client-ca
Certificate Authority: workarounduser
Expiration Date: Mon Sep 08 00:55:01 2025