Many companies buy wildcard certificates for many reasons: price, management, flexibility, etc.
The following guide shows how to install a wildcard certificate from DigiCert on your NetApp controllers.
You will need the following 3 files in PEM format:
DigiCertCA.pem // This is the Certificate Authority, in this case from DigiCert
wildcard_example_com.pem // This is the wildcard certificate
wildcard_example_com_key.pem // This is the private key
1) Stop SSL on the NetApp controller
filer> secureadmin disable ssl
Now From a Linux/Unix system:
2) mount the NetApp’s vol0
LinuxStation# mkdir /mnt/filer
LinuxStation# mount filer.example.com:/vol/vol0 /mnt/filer
3) Go to the keymgr folder and backup the current certificate and key.
# Backup Certificate
LinuxStation# cd /mnt/filer/etc/keymgr/cert/
LinuxStation:/mnt/filer/etc/keymgr/cert/# mv secureadmin.pem secureadmin.pem.bak# Backup Key
LinuxStation# cd /mnt/filer/etc/keymgr/key/
LinuxStation:/mnt/filer/etc/keymgr/key/# mv secureadmin.pem secureadmin.pem.bak
4) Create the new files based on the wildcard certificate files, assuming you placed them on /opt/certificates
# Create Certificate
LinuxStation# cd /opt/certificates/
LinuxStation:/opt/certificates/# cat wildcard_example_com.pem DigiCertCA.pem > secureadmin_cert.pem
LinusStation# mv /opt/certificates/secureadmin_cert.pem /mnt/filer/etc/keymgr/cert/secureadmin.pem# Create Key
LinuxStation# cd /opt/certificates/
LinuxStation:/opt/certificates/# cat wildcard_example_com_key.pem > secureadmin_key.pem
LinusStation# mv /opt/certificates/secureadmin_key.pem /mnt/filer/etc/keymgr/key/secureadmin.pem
5) On the NetApp controller, add the new cert:
filer> secureadmin addcert ssl /etc/keymgr/cert/secureadmin.pem
6) Enable SSL
filer> secureadmin enable ssl
Comments
Leave a comment Trackback