Renew self-signed SSL certificate in ONTAP 9 - Resolution Guide
Applies to
- ONTAP 9
- Self-Signed certificates
- Admin certificates
- SVM/Vserver certificates
Description
This article describes the procedure to renew an SSL self-signed certificate in ONTAP 9 storage systems. The default certificate expires after 365 days. The procedure is similar for other SSL certificates used by any SVM/Vserver.
Not able to access System Manager web server for management via HTTPS.
|
WARNING If using SAML, then disable SAML before renewing the cluster certificate. After the certificate is renewed, SAML will need to be re-configured again. |
Procedure
| Version | Resolution |
|---|---|
| ONTAP 9.10.1 and later | How to renew a self-signed certificate in System Manager |
| ONTAP 9 via command line | How to renew an ONTAP Self-Signed SSL certificate via command line |
| ONTAP 9 via power shell | How to renew or recreate an ONTAP self-signed SSL certificate with the NetApp PowerShell Toolkit |
| Data ONTAP 8.2 7 mode | How to renew an SSL certificate in Data ONTAP 7-Mode |
Additional Information
- Will disabling a vserver SSL certificate impact CIFS shares in ONTAP 9
- Check Active IQ if this impacts your systems
- CA-signed SSL certificate install with custom certificate name fails with duplicate entry
- Trying to enable self-signed server ssl certificate fails with "Error: duplicate entry"
- If you are receiving the warning "
mgmtgwd.certificate.expiring" and are currently on or upgrading to a version of ONTAP 9.2 or later, see the article FAQ: What is the Certificate Truststore?
Related links: