Skip to main content
HCI
1.10

Change the management node default SSL certificate

Contributors netapp-pcarriga

You can change the default SSL certificate and private key of the management node using the NetApp Element API.

When you configure a management node, it creates a unique self-signed Secure Sockets Layer (SSL) certificate and private key that is used for all HTTPS communication by way of the the Element UI, per-node UI, or APIs. Element software supports self-signed certificates as well as certificates that are issued and verified by a trusted Certificate Authority (CA).

You can use the following API methods to get more information about the default SSL certificate and make changes.

  • GetNodeSSLCertificate

    You can use the GetNodeSSLCertificate method to retrieve information about the currently installed SSL certificate including all certificate details.

  • SetNodeSSLCertificate

    You can use the SetNodeSSLCertificate method to set the cluster and per-node SSL certificates to the certificate and private key you supply. The system validates the certificate and private key to prevent an invalid certificate from being applied.

  • RemoveNodeSSLCertificate

    This RemoveNodeSSLCertificate method removes the currently installed SSL certificate and private key. The cluster then generates a new self-signed certificate and private key.