Skip to main content

Reconfigure ONTAP Mediator or ONTAP Cloud Mediator to use a third-party certificate on ASA r2 systems

Contributors netapp-aherbin
PDFs

If you configure ONTAP Mediator or ONTAP Cloud Mediator with a self-signed certificate, you can reconfigure the mediator to use a third-party certificate. Third party certificates might be preferred or required by your organization for security reasons.

Step 1: Remove the mediator configuration

To reconfigure the mediator, you must first remove its current configuration from the cluster.

Steps

  1. In System Manager, select Protection > Overview.

  2. In the right pane, under Mediators, select three vertical blue dots next to the cluster peer with the mediator configuration that you want to remove; then select Remove.

    If you have multiple mediators installed, and you want to remove all configurations, select three vertical blue dots next to Mediators; then select Remove.

  3. Select Remove to confirm that you want to remove the mediator configuration.

Step 2: Remove the self-signed certificate

After the mediator configuration is removed, you should remove the associated self-signed certificate from the cluster.

Steps

  1. Select Cluster > Settings.

  2. Under Security, select Certificates.

  3. Select the certificate that you want to remove.

  4. Select three vertical blue dots; then select Delete.

Step 3: Reinstall the mediator with a third-party certificate

After you have removed the associated self-signed certificate, you can reconfigure the mediator with the third-party certificate.

Steps

  1. Select Protection > Overview.

  2. In the right pane, under Mediators, select Add a mediator.

  3. Select the Mediator type.

  4. For a Cloud mediator enter the organization ID, client ID and client secret. For an On-premises mediator enter the IP address, port, mediator user name, and mediator password.

  5. Select a cluster peer from the list of eligible cluster peers or select Add a cluster peer to add a new one.

  6. Under Certificate, enter the third-party certificate information.

  7. Select Add.

Result

The ONTAP Mediator or ONTAP Cloud Mediator is reconfigured to use the third-party certificate. You can now use the mediator to manage SnapMirror active sync relationships.