Enabling SSL certificate accounts

You can use the security login create command to enable administrator accounts to access an admin or data SVM with an SSL certificate.

Before you begin

You must be a cluster administrator to perform this task.

About this task

Note: For cluster administrator accounts, certificate authentication is supported only with the http and ontapi applications. For SVM administrator accounts, certificate authentication is supported only with the ontapi application.

Procedure

Enable local administrator accounts to access an SVM using an SSL certificate: security login create -vserver SVM_name -user-or-group-name user_or_group_name -application application -authmethod authentication_method -role role -comment comment
For complete command syntax, see the worksheet.

Creating or modifying login accounts

The following command enables the SVM administrator account svmadmin2 with the default vsadmin role to access the SVM engData2 using an SSL digital certificate.

cluster1::>security login create -vserver engData2 -user-or-group-name svmadmin2 -application ontapi -authmethod cert

After you finish

If you have not installed a CA-signed server digital certificate, you must do so before the account can access the SVM.

Generating and installing a CA-signed server certificate