由于 AIQUM HTTPS 证书过期，AIQUM 无法添加新的 ONTAP 集群或发现先前添加的集群

适用于

• Active IQ Unified Manager (AIQUM) 9.x
• ONTAP 9.x

问题

• AIQUM 中的 DASHBOARD 显示以下消息：

Cluster discovery failed. Rediscover the cluster after resolving the issue.

• 尝试将 ONTAP 集群添加到 AIQUM 时出现错误

Unable to add cluster data source. The certificate has expired.

Unable to add cluster data source. This can occur if the clocks on the systems are not synchronized and the Unified Manager HTTPS certificate start date is later than the date on the cluster, or if the cluster has reached the maximum number of EMS notification destinations.

• ONTAP 显示来自 AIQUM 的过期服务器 CA 证书
• 即使从 AIQUM GUI 续订服务器 CA 证书后，集群发现仍然失败
• 在当前托管集群管理 LIF 的节点上的集群上， mlog\audit.log 显示类似以下错误：

[kern_audit:info:1948] 8XXXXXXXXXXXXXX :: test-cluster-01:ontapi :: 10.255.111.111:59999 :: test-cluster-01:ocum :: security-certificate-install :: Error: The certificate has expired.

• ocumserver.log：

Failed to add the datasource
com.onaro.commons.exception.ConfigurationException: Server returned HTTP status 500.HTTP error message :{"timestamp":"2025-08-05T09:45:07.721+00:00","status":500,"error":"Internal Server Error","path":"/acquisition-api/server/datasource"}

• jboss/server_acq.log：

ERROR [common-pool-3443] c.o.s.a.d.n.t.z.ZAPIConnection (ZAPIConnection.java:444) - [netappfoundation] <cluster_IP> - Communication problem with the cluster: <cluster_IP>, command: system-get-version, error: 'Received fatal alert: certificate_expired' on try 5 out of 5

• acquisiton/au.log：

c.n.u.RestUtil (RestUtil.java:175) - Error while getting socket factory java.security.KeyStoreException: Cannot store non-PrivateKeys

...

SSL handshake error on system-get-version try 5 out of 5, Received fatal alert: certificate_expired javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_expired