跳转到主内容

在为相互TLS问题描述应用临时解决策之后、AIQUM的旧客户端CA仍会保留

Views:
Visibility:
Public
Votes:
0
Category:
active-iq-unified-manager
Specialty:
om
Last Updated:

适用场景

  • NetApp Active IQ Unified Manager (AIQUM) 9.12及更高版本
  • ONTAP 9.10及更高版本
  • 已为ONTAP集群启用相互传输层安全(MTLS/相互TLS)

问题描述

在 AIQUM中由于用于相互TLS通信的CA证书已过期集群采集失败的解决方案部分中的当证书详细信息不可用时执行步骤后、ONTAP上存在多个AIQUM client-ca证书

示例:

cluster1::> security certificate show -type client-ca
Vserver   Serial Number   Certificate Name             Type
---------- --------------- -------------------------------------- ------------
cluster1   1604766BCAD45CB4
              admin_1604766BCAD45CB4          client-ca
   Certificate Authority: admin
      Expiration Date: Mon Sep 08 00:56:36 2025
 
cluster1   405A1EC0FC028AB2
              admin                  client-ca
   Certificate Authority: admin
      Expiration Date: Mon Aug 12 13:59:59 2024
 
cluster1   2DAE2E0DD1AD87A2
              workarounduser              client-ca
   Certificate Authority: workarounduser
      Expiration Date: Mon Sep 08 00:55:01 2025

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.