再生成されたAIQUM HTTPS証明書がクラスタ側に反映されない
環境
- NetApp Active IQ Unified Manager (AIQUM)
- ONTAP 9
問題
- AIQUM Web UIで[Regenerate HTTPS Certificate]をクリックしても、 クラスタ 側のイベントログは停止しません。
mgmtgwd.certificate.expiring: A digital certificate with Fully Qualified Domain Name (FQDN) <CERTIFICATE_NAME>, Serial Number <SERIAL>, Certificate Authority <UM> and type server-ca for Vserver <SVM> will expire in the next XX day(s)
AUDIT-MLOG-TXT.GZ
に、次のメッセージを示します。
<netapp version='1.0' xmlns='http://www.netapp.com/filer/admin' nmsdk_version='9.8P2' nmsdk_platform='Windows Server 2016' nmsdk_language='Java'><security-certificate-install><type>client</type><private-key>XXX</private-key><certificate>-----BEGIN CERTIFICATE-----^M [CERTIFICATE] :: Pending:
security-certificate-install :: Error: duplicate entry
<netapp version='1.0' xmlns='http://www.netapp.com/filer/admin' nmsdk_version='9.8P2' nmsdk_platform='Windows Server 2016' nmsdk_language='Java'><ems-event-notification-destination-modify-iter><attributes><event-notification-destination><rest-api-url>XXX</rest-api-url><certificate-authority>[UM-UUID]</certificate-authority><certificate-serial>[SERIAL]</certificate-serial></event-notification-destination></attributes><query><event-notification-destination><name>[DESTINATION]</name></event-notification-destination></query></ems-event-notification-destination-modify-iter></netapp>^M :: Pending:
ems-event-notification-destination-modify-iter :: Success:
-
AUDIT-MLOG-TXT.GZ
は表示されずsecurity-certificate-delete
、security-certificate-install
上記のように出力されます。
<netapp version='1.0' xmlns='http://www.netapp.com/filer/admin' nmsdk_version='9.8P2' nmsdk_platform='Windows Server 2016' nmsdk_language='Java'><security-certificate-delete><common-name>[COMMON-NAME]</common-name><type>server-ca</type><certificate-authority>[CA]</certificate-authority><vserver>[CLUSTER_NAME]</vserver><serial-number>[SERIAL]</serial-number></security-certificate-delete></netapp>^M :: Pending:
security-certificate-delete :: Success:
<netapp version='1.0' xmlns='http://www.netapp.com/filer/admin' nmsdk_version='9.8P2' nmsdk_platform='Windows Server 2016' nmsdk_language='Java'><security-certificate-install><type>server-ca</type><certificate>-----BEGIN CERTIFICATE-----^M [CERTIFICATE]... :: Pending:
security-certificate-install :: Success: