Skip to main content
NetApp Knowledge Base

How to renew or recreate an ONTAP self-signed SSL certificate with the NetApp PowerShell Toolkit

Views:
5,532
Visibility:
Public
Votes:
3
Category:
ontap-9
Specialty:
CORE
Last Updated:

Applies to

  • ONTAP 9.9.1 and earlier
  • NetApp PowerShell Toolkit

Description

  • ONTAP uses self-signed certificates by default for SSL management access
  • Those certificates have expiration dates
  • To stay current with self-signed SSL certificates a recreation/renewal process is needed
  • This article details one method through the NetApp.ONTAP PowerShell toolkit
  • There is no downtime required to renew a certificate
  • If using ONTAP 9.10.1 or newer follow How to renew an ONTAP self-signed SSL certificate using ONTAP System Manager
Script Process
  1. Connecting to a cluster
  2. Collecting all existing certificates
  3. Ensuring the certificate is self-signed
  4. Creates a new certificate with the same properties as the previous one with a 10 year expiration
  5. Configures SSL on the SVM to use the new certificate
  6. Deletes the previous self-signed certificate
Note:  This is a community based script and therefore is supported by the community and not within the NetApp support organization.

Procedure

1. Install the NetApp.ONTAP PowerShell Toolkit.

2. Install the NetAppSSLCertificateRenew Script.

3. Follow the syntax and usage as outlined in the help section of the script:

PS C:\> get-help NetAppSSLCertificateRenew -detailed

4. Ensure the current PowerShell Execution Policy allows the running of this script (note:  this script is not signed).  Consult your system administrator if the PowerShell Execution Policy needs to be changed.

PS C:\> Get-ExecutionPolicy -list

5. Execute the script when ready:

PS C:\> NetAppSSLCertificateRenew​​​​​

Additional Information

  • To manually renew/recreate self-signed SSL certificates follow this process.
  • To use a certificate from a Certificate Authority (CA) follow this process.

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.