Skip to main content
ONTAP tools for VMware vSphere 10

Change certificate validation flag

Contributors netapp-jani
PDFs

By default, the certificate validation flag is enabled (set to true). You can set the ONTAP storage backend certificate validation flag to false if you need to bypass SAN certificate checks. This setting is not applicable to vCenter Server certificates.

Before you begin

You need to have maintenance user login credentials.

Steps

  1. From the vCenter Server, open a console to ONTAP tools.

  2. Log in as the maintenance user.

  3. Enter 1 to select Application Configuration Menu.

  4. Enter 3 to change cert validation flag.

    The maintenance console shows the certificate validation flag status and prompts you to change it.

  5. Enter 'y' to toggle the flag or 'n' to cancel.

When you enable the certificate validation flag (set to true), ONTAP tools checks that all storage backends use certificates with a Subject Alternative Name (SAN). If any backend uses a certificate without a SAN, you cannot enable certificate validation. Before enabling this flag, verify that all storage backends use SAN-based certificates. If you disable the certificate validation flag (set to false), ONTAP tools bypasses certificate validation for all configured storage backends.