What is cert Authentication Method that has been added when using AIQUM?

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

Views:: 184

Visibility:: Public

Votes:: 0

Category:: active-iq-unified-manager

Specialty:: om

Last Updated:

Applies to

Active IQ Unified Manager (AIQUM) 9.12 or later
ONTAP 9.10 or later
Mutual Transport Layer Security (mTLS)

Answer

The cert authentication method with Application set to http and optapi, which can be seen with security login show command output, is added by AIQUM.

::> security login show

Vserver: vserver-01
Second
User/Group Authentication Acct Authentication
Name Application Method Role Name Locked Method
-------------- ----------- ------------- ---------------- ------ --------------
admin amqp password admin no none
admin console password admin no none
admin http cert admin - none
admin http password admin no none
admin ontapi cert admin - none
admin ontapi password admin no none
admin service-processor password admin no none
admin ssh password admin no none

Note:

If these user entries are get deleted, AIQUM will fail to monitor the cluster.

Additional Information

What certificates does AIQUM use, what is impact when expired and how to regenerate?
Prior to AIQUM 9.12, AIQUM uses password credentials for communicating with ONTAP.
Starting with AIQUM 9.12, AIQUM uses mTLS for communicating with ONTAP for any new cluster added. For the existing cluster, AIQUM will register the mTLS certificate to ONTAP cluster automatically after AIQUM server or services restart.