Skip to main content
Element Software
A newer release of this product is available.

Change the Element software default SSL certificate

Contributors netapp-pcarriga netapp-dbagwell

You can change the default SSL certificate and private key of the storage node in the cluster using the NetApp Element API.

When a NetApp Element software cluster is created, the cluster creates a unique self-signed Secure Sockets Layer (SSL) certificate and private key that is used for all HTTPS communication via the Element UI, per-node UI, or APIs. Element software supports self-signed certificates as well as certificates that are issued and verified by a trusted Certificate Authority (CA).

You can use the following API methods to get more information about the default SSL certificate and make changes.

  • GetSSLCertificate

    You can use the GetSSLCertificate method to retrieve information about the currently installed SSL certificate including all certificate details.

  • SetSSLCertificate

    You can use the SetSSLCertificate method to set the cluster and per-node SSL certificates to the certificate and private key you supply. The system validates the certificate and private key to prevent an invalid certificate from being applied.

  • RemoveSSLCertificate

    The RemoveSSLCertificate method removes the currently installed SSL certificate and private key. The cluster then generates a new self-signed certificate and private key.

Note The cluster SSL certificate is automatically applied to all new nodes added to the cluster. Any node removed from the cluster reverts to a self-signed certificate and all user-defined certificate and key information is removed from the node.