Concepts
Configure CA Certificate for Linux host
Suggest changes
-
PDF of this doc site
-
Protect Microsoft SQL Server databases
-
Protect SAP HANA databases
-
Protect IBM Db2
-
Protect PostgreSQL
-
Collection of separate PDF docs
Creating your file...
After installing the SnapCenter Server on Linux, the installer creates the self-signed certificate. If you want to use the CA certificate, you should configure the certificates for nginx reverse proxy, audit logging, and SnapCenter services.
Configure nginx certificate
-
Navigate to /etc/nginx/conf.d:
cd /etc/nginx/conf.d -
Open snapcenter.conf using vi or any text editor.
-
Navigate to the server section in the configuration file.
-
Modify the paths of ssl_certificate and ssl_certificate_key to point to CA certificate.
-
Save and close the file.
-
Reload nginx:
$nginx -s reload
Configure audit log certificate
-
Open INSTALL_DIR/NetApp/snapcenter/SnapManagerWeb/SnapManager.Web.UI.dll.config using vi or any text editor.
The default value of INSTALL_DIR is /opt.
-
Edit the AUDILOG_CERTIFICATE_PATH and AUDILOG_CERTIFICATE_PASSWORD keys to include the CA certificate path and password respectively.
Only .pfx format is supported for audit log certificate.
-
Save and close the file.
-
Restart the snapmanagerweb service:
$ systemctl restart snapmanagerweb
Configure SnapCenter services certificate
-
Open the following configuration files using using vi or any text editor.
-
INSTALL_DIR/NetApp/snapcenter/SnapManagerWeb/SnapManager.Web.UI.dll.config
-
INSTALL_DIR/NetApp/snapcenter/SMCore/SMCoreServiceHost.dll.config
-
INSTALL_DIR/NetApp/snapcenter/Scheduler/Scheduler.Api.dll.config
The default value of INSTALL_DIR is /opt.
-
-
Edit the SERVICE_CERTIFICATE_PATH and SERVICE_CERTIFICATE_PASSWORD keys to include the CA certificate path and password respectively.
Only .pfx format is supported for SnapCenter services certificate.
-
Save and close the files.
-
Restart all the services.
-
$ systemctl restart snapmanagerweb -
$ systemctl restart smcore -
$ systemctl restart scheduler
-