Release notes
Enable SSL certificate accounts
Suggest changes
-
PDF of this doc site
-
Cluster administration
-
Volume administration
-
Logical storage management with the CLI
-
-
NAS storage management
-
Configure NFS with the CLI
-
Manage NFS with the CLI
-
Manage SMB with the CLI
-
Manage file access using SMB
-
-
-
Security and data encryption
-
Data protection and disaster recovery
-
Collection of separate PDF docs
Creating your file...
You can use the security login create command to enable administrator accounts to access an admin or data SVM with an SSL certificate. Learn more about security login create in the ONTAP command reference.
-
You must install a CA-signed server digital certificate before the account can access the SVM.
You can perform this task before or after you enable account access.
-
If you are unsure of the access control role you want to assign to the login account, you can add the role later with the
security login modifycommand.
|
For cluster administrator accounts, certificate authentication is supported with the http, ontapi, and rest applications. For SVM administrator accounts, certificate authentication is supported only with the ontapi and rest applications.
|
-
Enable local administrator accounts to access an SVM using an SSL certificate:
security login create -vserver SVM_name -user-or-group-name user_or_group_name -application application -authmethod authentication_method -role role -comment commentThe following command enables the SVM administrator account
svmadmin2with the defaultvsadminrole to access the SVMengData2using an SSL digital certificate.cluster1::>security login create -vserver engData2 -user-or-group-name svmadmin2 -application ontapi -authmethod cert
If you have not installed a CA-signed server digital certificate, you must do so before the account can access the SVM.
Learn more about the commands described in this procedure in the ONTAP command reference.
