メインコンテンツへスキップ

CONTAP-409261:/api/cluster/web と security ssl show 間の証明書の不一致

Views:
2
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
core
Last Updated:

問題

  • REST APIとONTAPコマンドでSSL構成に不一致が表示される

  • REST API呼び出し /api/cluster/web:

curl -ku admin:"P@ssw0rd" https://cluster1/api/cluster/web
{
"enabled": true,
"http_port": 80,
"https_port": 443,
"state": "online",
"http_enabled": false,
"csrf": {
"protection_enabled": true,
"token": {
"concurrent_limit": 500,
"idle_timeout": 900,
"max_timeout": 0
}
},
"certificate": {
"name": "cert1",
"uuid": "8d4faf7a-f9a1-11ef-9c7f-d039eaa1b42e",
"_links": {
"self": {
"href": "/api/security/certificates/8d4faf7a-f9a1-11ef-9c7f-d039eaa1b42e"
}
}
},
"client_enabled": false,
"ocsp_enabled": false,
"_links": {
"self": {
"href": "/api/cluster/web"
}
}
}
::> show-user-installed -type server -fields cert-name,serial
(security certificate show-user-installed)
vserver common-name serial ca type subtype cert-name
---------------- ------------------- ------ ------ ------ ------- ---------
cluster1 "*.demo.netapp.com" 100A wsl_ca server - cert1
cluster1 "*.demo.netapp.com" 100B wsl_ca server - cert2
2 エントリが表示されました。

  • そしてONTAPコマンド:

::> ssl show -vserver cluster1
(security ssl show)
Vserver: cluster1
Server Certificate Issuing CA: wsl_ca
Server Certificate Serial Number: 100B
Server Certificate Common Name: *.demo.netapp.com
SSL Server Authentication Enabled: true
SSL Client Authentication Enabled: false
Online Certificate Status Protocol Validation Enabled: false
OCSP検証のデフォルトレスポンダのURI:
OCSP検証にデフォルトレスポンダURIを強制的に使用する: false
OCSPクエリのタイムアウト: 10s
Maximum Allowable Age for OCSP Responses (secs): unlimited
Maximum Allowable Time Skew for OCSP Response Validation: 5m
OCSPクエリ内でNONCEを使用する: true

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.