What are common reasons that a signed CA certificate is still not trusted?
Applies to
ONTAP System Manager 9
Answer
- The certificate is not issued by a commonly trusted Certificate Authority (CA) but internally. You need to push the root and intermediate(if applicable) certificate(s) to all clients which shall have trusted connections.
- The certicate CA sign request was created with a different private key. You need to repeate the certificate creating, signig request, signing and certificate import.
- SSL installation was not completed properly or the private key was lost. You need to repeate the certificate creating, signig request, signing and certificate import.
- The Certificate is expired. You need to create a new certificate, signig request, sign it and import the signed certificate.
Additional Information
Installing a ca-signed certificate in ONTAP - Documentation