Managing digital certificates for server or client authentication

A digital certificate ensures that web communications are transmitted in encrypted form. It also ensures that information is sent privately and unaltered to only the specified server or from the authenticated client. Data ONTAP enables you to generate, install, and manage a self-signed or Certificate Authority (CA) signed digital certificate for server or client authentication.

The following facts apply to digital certificates (sometimes called public key certificates):

When the cluster or Storage Virtual Machine (SVM) functions as an SSL server, you can manage digital certificates in the following ways:

When the cluster or SVM functions as a client to an SSL server (which, for example, can be an Active Directory domain controller that supports LDAP over SSL), you can manage digital certificates in the following ways:

Before reverting to a release earlier than Data ONTAP 8.2, you must delete all digital certificates except those of the server type (security certificate show -type server). Otherwise, the revert procedure fails.

You use the security certificate commands to manage digital certificates. For information about these commands, see the man pages.