How to renew an ONTAP self-signed SSL certificate using ONTAP System Manager (ONTAP 9.10 and above)
- Views:
- 45,301
- Visibility:
- Public
- Votes:
- 46
- Category:
- ontap-system-manager
- Specialty:
- om
- Last Updated:
- 5/13/2025, 11:43:43 PM
Applies to
- Self-signed certificates
- ONTAP System Manager 9.10.1 and later
Description
- How to renew an ONTAP self-signed SSL certificate via ONTAP System Manager.
- For ONTAP versions prior to 9.10.1, use the command line to renew expiring certificates.
- See How to renew an ONTAP self-signed SSL certificate via command line
Procedure
WARNING
|
- Log into System Manager.
- Select CLUSTER -> Settings and click the arrow next to Certificates.
- Select the Client/Server Certificates tab.
- Select the ellipsis for the certificate then Renew.
- Update the certificate name and duration as needed.
- Click on the checkbox for Self-sign the certificate then Renew.
- Select the ellipsis next to the original certificate and select Delete.
a. Renewing a certificate creates a new certificate and replaces the original, which is not automatically deleted.
b. Also check if SSL is enabled for the SVM's server, which is done from the command command:
::> security ssl show
c. The maximum allowed value of days is 3652.
Note: This task does not affect the ONTAP workload.
Note: If the above does not work properly, follow the steps to renew the cert via the command line.