Install a CA certificate if you use StorageGRID
-
PDF of this doc site
- Cluster administration
-
Volume administration
- Logical storage management with the CLI
-
NAS storage management
- Configure NFS with the CLI
- Manage NFS with the CLI
-
Manage SMB with the CLI
- Manage file access using SMB
- SAN storage management
- Security and data encryption
-
Data protection and disaster recovery
- Data protection with the CLI
Collection of separate PDF docs
Creating your file...
Unless you plan to disable certificate checking for StorageGRID, you must install a StorageGRID CA certificate on the cluster so that ONTAP can authenticate with StorageGRID as the object store for FabricPool.
ONTAP 9.4 and later releases enable you to disable certificate checking for StorageGRID.
-
Contact your StorageGRID administrator to obtain the StorageGRID system's CA certificate.
-
Use the
security certificate install
command with the-type
server-ca
parameter to install the StorageGRID CA certificate on the cluster.The fully qualified domain name (FQDN) you enter must match the custom common name on the StorageGRID CA certificate.
Update an expired certificate
To update an expired certificate, the best practice is to use a trusted CA to generate the new server certificate. In addition, you should ensure that the certificate is updated on the StorageGRID server and on the ONTAP cluster at the same time to keep any downtime to a minimum.