What is the impact of an expired digital certificate used for a Vserver?
Applies to
- ONTAP 9
- SSL Certificate
Answer
- Client Certificate
An expired client digital SSL certificate will prevent the client from accessing the Vserver aka SVM (Storage Virtual Machine)
- Server Certificate
- An expired server digital certificate does not prevent users from accessing the Vserver aka SVM.
- The browser used on the client side will warn the user of the risk, but will not block access.
- root CA certificates (server-ca)
Refer to bug 1245418
- How to check for expired Certificates
- Related KBs
- Command:
::>security certificate show -fields expiration
- EMS Alerts:
EMS identifier 'mgmtgwd.certificate.expiring' will be reported when a digital certificate for a Vserver is about to expire.
EMS identifier 'mgmtgwd.certificate.expired' will be reported when a digital certificate for a Vserver is expired.