Skip to main content

Install a CA-signed client certificate for the KMIP server in ONTAP

Contributors netapp-andreajost netapp-bhouser netapp-aaron-holt netapp-dbagwell netapp-aherbin
PDFs

The client and server-ca types specify that the certificate is used for mutually authenticating the cluster and an external key manager, such as a KMIP server.

About this task

Install a certificate to authenticate a KMIP server as an SSL server to the cluster.

Steps

  1. Use the security certificate install command with the -type server-ca parameter to install a certificate for the KMIP server.

  2. When you are prompted, enter the certificate, and then press Enter.

    ONTAP reminds you to keep a copy of the certificate for future reference.

    cluster1::> security certificate install -type server-ca -vserver cluster1

Please enter Certificate: Press <Enter> when done
-----BEGIN CERTIFICATE-----
<certificate_value>
-----END CERTIFICATE-----


You should keep a copy of the CA-signed digital certificate for future reference.

cluster1::>
Related information