Skip to main content
NetApp SMI-S Provider

Generate a self-signed certificate for the CIM server

Contributors netapp-aoife

By default, SSL authentication is enabled for the CIM server. During the SMI-S Provider installation, a self-signed certificate for the CIM server is installed in the pegasus directory. You can generate your own self-signed certificate and use it rather than the default certificate.

Before you begin
  • You must already have logged in as Administrator.

  • You must already have accessed SMI-S Provider.

  1. Download the openssl.cnf file from the following location:

  2. Move the openssl.cnf file to the bin directory:


  3. Set the OPENSSL_CONF environmental variable to the location of the openssl.cnf file:

    C:\ >set OPENSSL_CONF=%PEGASUS_HOME%\bin\openssl.cnf

    This only sets the environment variable for the duration of the current Command Prompt session. If you want to permanently set the environment variable, you can use one of the following options:

    • Navigate to Properties > Environmental Variables and update the variable under System.

    • Use Command Prompt to permanently set the variable:

      setx OPENSSL_CONF “%PEGASUS_HOME%\bin\openssl.cnf.

      The variable is set when you open a new Command Prompt session.

  4. Navigate to the %PEGASUS_HOME%\bin directory:

    C:\cd %pegasus_home%\bin

  5. Generate a private key:

    openssl genrsa -out cimom.key 2048

  6. Generate a certificate request:

    openssl req -new -key cimom.key -out cimom.csr

  7. Enter your information for the certificate request when prompted.

  8. Generate the self-signed certificate:

    openssl x509 -in cimom.csr -out cimom.cert -req -signkey cimom.key -days 1095

    You can provide a different number of days for which the certificate is valid.

  9. Copy the cimom.key and cimom.cert files to the pegasus directory (Windows: C:\Program Files (x86)\NetApp\smis\pegasus).


The certificate date range starts at the current date and runs for the number of days specified.