security certificate config modify

Modify the certificate management configurations

Availability: This command is available to cluster administrators at the advanced privilege level.

Description

This command modifies the certificate management configuration information for the cluster.

Parameters

[-min-security-strength <bits of security strength>] - Minimum Security Strength
Use this parameter to modify the allowed minimum security strength for certificates. The security bits mapping to RSA and ECDSA key length are as follows: 
            Security Bits   Asymmetric Key Length   Elliptic Curve Key Length
            112	            2048	                224
            128	            3072	                256
            192	            4096	                384
FIPS supported values are restricted to 112 and 128.
Note: This does not affect root CA certificates.
[-expiration-warn-threshold <integer>] - Minimum Days to EMS for Expiring Certificates
Use this parameter to modify the number of days prior to certificate expiration the system sends a warning EMS event.

Examples

The following example modifies the minimum security strength allowed for certificates.

cluster-1::> security certificate config modify -min-security-strength 192
Parent topic: security certificate config commands
Copyright © 1994-2019, NetApp, Inc. All rights reserved.
Part number: 215-14676_2019-11_en-us
November 2019