Skip to main content

Verify the identity of remote servers using certificates overview

Contributors

ONTAP supports security certificate features to verify the identity of remote servers.

ONTAP software enables secure connections using these digital certificate features and protocols:

  • Online Certificate Status Protocol (OCSP) validates the status of digital certificate requests from ONTAP services using SSL and Transport Layer Security (TLS) connections. This feature is disabled by default.

  • A default set of trusted root certificates is included with ONTAP software.

  • Key Management Interoperability Protocol (KMIP) certificates enable mutual authentication of a cluster and a KMIP server.