Table of ContentsView in Frames

Installing replacement SSL certificates on the storage system

After you remove the old certificates, you create the new replacement SSL certificates, save them with the proper file name and format, and then install them on the storage system.

Before you begin

Steps

  1. Access the nodeshell by entering the following command: system node run -node node_name
  2. Copy the certificate files to a temporary location on the storage system.
  3. Install the public certificate of the storage system by entering the following command: keymgr install cert /path/client.pem
  4. Install the private certificate of the storage system by entering the following command: keymgr install cert /path/client_private.pem
  5. Install the public certificate of all key management servers by entering the following command for each key management server: keymgr install cert /path/key_management_server_ipaddress_CA.pem
  6. Add all key management servers by entering the following command for each key management server: key_manager add -key_server key_server_ip_address
  7. Verify connectivity between the storage system and key management servers by entering the following command: key_manager query
    You should see a list of existing key IDs retrieved from the key management servers.
  8. Exit the nodeshell and return to the clustershell by entering the following command: exit