Skip to main content
NetApp Knowledge Base

ONTAP AutoSupport messages fail using HTTPS: SSL certificate problem

Views:
12,110
Visibility:
Public
Votes:
3
Category:
ontap-9
Specialty:
CORE
Last Updated:

Applies to

  • ONTAP 9
  •  HTTPs transport protocol for AutoSupport messages

Issue

  • AutoSupport messages fail using HTTPS as the transport:

::> system node autosupport history show -node node_name -seq-num <seq_num> -instance
                                Node: node_name
         AutoSupport Sequence Number: seq_num
    Destination for This AutoSupport: https
                       Trigger Event: callhome.management.log
                 Time of Last Update: 1/12/2021 02:58:59
                  Status of Delivery: transmission-failed
                   Delivery Attempts: 15
                 AutoSupport Subject: MANAGEMENT_LOG
                        Delivery URI: 10.106.130.129:8080(support.netapp.com/put/AsupPut)
                          Last Error: SSL certificate problem: unable to get local issuer certificate

::> autosupport check show-details -node node_name
          Node: node_name
      Category: http-https
     Component: http-put-destination
        Status: failed
        Detail: HTTP/S PUT connectivity check failed for destination:
            https://support.netapp.com/put/AsupPut/ via proxy -
            123.123.123.123:8080. Error: Peer certificate can not be
            authenticated with given Certificate Authority
            certificates.
 Corrective Action: Certificate issue. Please make sure you have the correct
                    Root Certificate installed
     Component: http-post-destination
        Status: failed
        Detail: HTTP/S POST connectivity check failed for destination:
            https://support.netapp.com/asupprod/post/1.0/postAsup
            via proxy - 123.123.123.123:8080. Error: Peer certificate
            can not be authenticated with given Certificate
            Authority certificates.
 Corrective Action: Certificate issue. Please make sure you have the correct
                    Root Certificate installed

  • AutoSupport messages are successfully delivered to NetApp using HTTP as the transport protocol.
  • Similar error messages: 

message: SSL certificate problem: self signed certificate in certificate chain

Error: Peer certificate can not be authenticated with given Certificate Authority certificates.

Error: asup.post.drop: AutoSupport message (HA Group Notification from node01 (USER_TRIGGERED (TEST:Test)) NOTICE) was not posted to NetApp. The system will drop the message.

  • Additional error messages found in  /mroot/etc/log/mlog/notifyd.log:

::> system node run -node <node_name> -command rdfile /etc/log/mlog/notifyd.log

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.