跳转到主内容

AIQUM使用哪些证书、过期后会产生什么影响以及如何重新生成?

Views:
45
Visibility:
Public
Votes:
0
Category:
active-iq-unified-manager
Specialty:
OM
Last Updated:

适用场景

  • Active IQ Unified Manager (AIQUM)
  • ONTAP 9

问题解答

  • SSL (HTTPS)证书
类型 server-ca
生成者 AIQUM
存储在中 AIQUM/ ONTAP
目的

通过浏览器在HTTP/HTTPS连接中对AIQUM服务器进行身份验证

注意:AIQUM会在添加集群时将此证书安装到ONTAP中

过期时的影响
如何重新生成

 

  • EMS 证书
类型 client
生成者 AIQUM
存储在中 AIQUM/ ONTAP
目的

对从ONTAP收到的用于 订阅ONTAP EMS事件的EMS通知进行身份验证

注意:AIQUM会在添加集群时将此证书安装到ONTAP中

过期时的影响
如何重新生成

Please contact NetApp Technical Support or log into the NetApp Support Site to create a technical case. Reference this article for further assistance.

 

  • 用于相互TLS通信的证书
类型 client-ca
生成者 AIQUM
存储在中 AIQUM/ ONTAP
目的

在采集AIQUM数据期间通过基于证书的身份验证对ONTAP集群进行身份验证。

注意:AIQUM会在添加集群时将此证书安装到ONTAP中

过期时的影响
如何重新生成 按照 由于用于相互TLS通信的CA证书过期而导致AIQUM中的集群采集失败中所述的步骤进行操作

 

  • 集群证书
类型 服务器
生成者 ONTAP
存储在中 ONTAP
目的 添加ONTAP集群时对ONTAP集群进行身份验证
过期时的影响

注意: 从 ONTAP集群角度来看、另请参见用于Vserver的数字证书过期会产生什么影响

如何重新生成 如何在ONTAP 9中续订自签名SSL证书

 

注意: 可以使用ONTAP security certificATE show命令的-type 参数来查找证书类型

::> security certificate show -type server-ca

Vserver   Serial Number   Certificate Name             Type
---------- --------------- -------------------------------------- ------------
cluster1   85589F65349650BE
              aiqum.demo.netapp.com_85589F65349650BE server-ca
   Certificate Authority: demo.netapp.com
      Expiration Date: Fri Nov 01 21:06:11 2058

 

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.