Change the Element software default SSL certificate
You can change the default SSL certificate and private key of the storage node in the cluster using the NetApp Element API.
When a NetApp Element software cluster is created, the cluster creates a unique self-signed Secure Sockets Layer (SSL) certificate and private key that is used for all HTTPS communication via the Element UI, per-node UI, or APIs. Element software supports self-signed certificates as well as certificates that are issued and verified by a trusted Certificate Authority (CA).
You can use the following API methods to get more information about the default SSL certificate and make changes.
-
GetSSLCertificate
You can use the GetSSLCertificate method to retrieve information about the currently installed SSL certificate including all certificate details.
-
SetSSLCertificate
You can use the SetSSLCertificate method to set the cluster and per-node SSL certificates to the certificate and private key you supply. The system validates the certificate and private key to prevent an invalid certificate from being applied.
-
RemoveSSLCertificate
The RemoveSSLCertificate method removes the currently installed SSL certificate and private key. The cluster then generates a new self-signed certificate and private key.
The cluster SSL certificate is automatically applied to all new nodes added to the cluster. Any node removed from the cluster reverts to a self-signed certificate and all user-defined certificate and key information is removed from the node. |