In this tutorial I will show you how to renewal a Netapp vserver certificate via the command line.
Netapp Vserver Certificate Renewal
Firstly we want to have a look at the certificate that is attached to our vserver called SVM1
::> security certificate show -vserver SVM1 -fields expiration,common-name,ca,serial
At the time of this post we can see that the certificate expiry date is well into the future. We will be deleting this certificate and re-creating a new one for this tutorial.
We are going to want to take note of the serial number on the certificate that we wish to delete. In the example above we can see that the serial number is 532655944DCB0
To delete the certificate we will type:
::> security certificate delete -vserver SVM1 -common-name SVM1 -ca SVM1 -type server -serial 532655944DCB0
You will be presented with asking for confirmation in deleting the certificate.
Once you have deleted the certificate we can recreate a new certificate by typing in the following command:
::> security certificate create -vserver SVM1 -common-name SVM1 -size 2048 -type server -country AU -expiry-days 1825 -hash function SHA256
Change the following command line options to suite your certificate, -common-name, -country, -expiry-days
Now that the new certificate has been created, you can type the following command to view its information:
::> security certificate show -vserver SVM1 -fields expiration,common-name,ca,serial
We can see in the screen shot above that the expiry date is now 2021
Netapp Vserver Certificate Check
Lastly we will associate this new certificate with our SVM. To do that we type in:
::> ssl modify -vserver SVM1 -server-enabled true
The next command will verify the ssl certificate on the vserver
::> ssl show -vserver SVM1
The post Netapp C-Mode Certificate Renewal appeared first on SYSADMINTUTORIALS IT TECHNOLOGY BLOG.