Enable SSL certificate accounts
You can use the
security login create command to enable administrator accounts to access an admin or data SVM with an SSL certificate.
You must be a cluster administrator to perform this task.
You must install a CA-signed server digital certificate before the account can access the SVM.
You can perform this task before or after you enable account access.
If you are unsure of the access control role you want to assign to the login account, you can add the role later with the
security login modifycommand.
For cluster administrator accounts, certificate authentication is supported only with the
Enable local administrator accounts to access an SVM using an SSL certificate:
security login create -vserver SVM_name -user-or-group-name user_or_group_name -application application -authmethod authentication_method -role role -comment comment
For complete command syntax, see the ONTAP man pages by release.
The following command enables the SVM administrator account
svmadmin2with the default
vsadminrole to access the SVM
engData2using an SSL digital certificate.
cluster1::>security login create -vserver engData2 -user-or-group-name svmadmin2 -application ontapi -authmethod cert
If you have not installed a CA-signed server digital certificate, you must do so before the account can access the SVM.