ADFS SAML setup fails if the ONTAP server has a self-signed certificate
Applies to
- ONTAP 9.9 and later
Issue
- ONTAP cannot download the federation metadata because it does not trust the ADFS server
- The URL of the AD infrastructure has a CA-signed certificate, but the actual ADFS servers in the pool use self-signed certificates
- saml-sp create fails in the CLI with: Error: command failed: [Job 10695] Job failed: SAML job failed, Reason: Failed to download data from URL https://auth.corp.net/FederationMetadata/2007-06/FederationMetadata.xml.Reason: SSL peer certificate or SSH remote key was not OK : SSL certificate problem: unable to get local issuer certificate.
The system encountered an error at Tue Feb 14 17:58:10 2023 at https://corpadfs3.dept.loc.corp.net/saml-sp/SAML2/POST
Message was signed, but signature could not be verified.
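
To see which certificate a client would reject in a setup like the one described above, each certificate can be classified against the CA bundle that the client trusts. This is an added example, not part of the original article or of NetApp tooling; it assumes the openssl CLI is installed, and the function names, host names and files (auth.example.test, adfs-node.example.test, demo.cnf) are constructed for the demo.

```shell
#!/bin/sh
# Added example; every name, subject and file below is constructed for the demo.

# cert_trust CERT CA_BUNDLE: print how a TLS client that trusts CA_BUNDLE
# sees CERT (OpenSSL may also consult its default CA directory):
#   trusted     - the chain verifies
#   self-signed - verification fails and subject == issuer
#   untrusted   - verification fails, issuer is a CA missing from the bundle
#                 (OpenSSL: "unable to get local issuer certificate")
cert_trust() {
    if openssl verify -CAfile "$2" "$1" >/dev/null 2>&1; then
        echo trusted
    elif [ "$(openssl x509 -in "$1" -noout -subject_hash)" = \
           "$(openssl x509 -in "$1" -noout -issuer_hash)" ]; then
        echo self-signed
    else
        echo untrusted
    fi
}

# make_demo_pki DIR: create a constructed CA (ca.pem), a CA-signed front-end
# certificate (front.pem) and a self-signed pool-node certificate (node.pem).
make_demo_pki() {
    d=$1
    printf '%s\n' '[req]' 'distinguished_name=dn' '[dn]' 'CN=unused' \
        '[ca]' 'basicConstraints=critical,CA:TRUE' > "$d/demo.cnf"
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$d/demo.cnf" \
        -extensions ca -subj "/CN=Demo Corp CA" \
        -keyout "$d/ca.key" -out "$d/ca.pem" 2>/dev/null
    openssl req -new -newkey rsa:2048 -nodes -config "$d/demo.cnf" \
        -subj "/CN=auth.example.test" \
        -keyout "$d/front.key" -out "$d/front.csr" 2>/dev/null
    openssl x509 -req -in "$d/front.csr" -CA "$d/ca.pem" -CAkey "$d/ca.key" \
        -CAcreateserial -days 1 -out "$d/front.pem" 2>/dev/null
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$d/demo.cnf" \
        -subj "/CN=adfs-node.example.test" \
        -keyout "$d/node.key" -out "$d/node.pem" 2>/dev/null
}
```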