AIQUM HTTPS証明書の期限が切れているため、Active IQ Unified Managerで新しいONTAPクラスタの追加、または以前に追加されたクラスタの検出に失敗する

環境

• Active IQ Unified Manager（AIQUM）9.x
• ONTAP 9.x

問題

• AIQUMのDASHBOARDに次のメッセージが表示されます：

Cluster discovery failed. Rediscover the cluster after resolving the issue.

• ONTAPクラスタをActive IQ Unified Managerに追加しようとするとエラーが表示される

Unable to add cluster data source. The certificate has expired.

Unable to add cluster data source. This can occur if the clocks on the systems are not synchronized and the Unified Manager HTTPS certificate start date is later than the date on the cluster, or if the cluster has reached the maximum number of EMS notification destinations.

• ONTAPにAIQUMからの期限切れのserver-ca証明書が表示される
• AIQUM GUIからserver-ca証明書を更新した後でもクラスタ検出が失敗する
• 現在クラスタ管理LIFをホストしているノード上のクラスタでは、 mlog\audit.log 次のようなエラーが表示されます：

[kern_audit:info:1948] 8XXXXXXXXXXXXXX :: test-cluster-01:ontapi :: 10.255.111.111:59999 :: test-cluster-01:ocum :: security-certificate-install :: Error: The certificate has expired.

• ocumserver.log:

Failed to add the datasource
com.onaro.commons.exception.ConfigurationException: Server returned HTTP status 500.HTTP error message :{"timestamp":"2025-08-05T09:45:07.721+00:00","status":500,"error":"Internal Server Error","path":"/acquisition-api/server/datasource"}

• jboss/server_acq.log:

ERROR [common-pool-3443] c.o.s.a.d.n.t.z.ZAPIConnection (ZAPIConnection.java:444) - [netappfoundation] <cluster_IP> - Communication problem with the cluster: <cluster_IP>, command: system-get-version, error: 'Received fatal alert: certificate_expired' on try 5 out of 5

• acquisiton/au.log:

c.n.u.RestUtil (RestUtil.java:175) - Error while getting socket factory java.security.KeyStoreException: Cannot store non-PrivateKeys

...

SSL handshake error on system-get-version try 5 out of 5, Received fatal alert: certificate_expired javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_expired