Table of ContentsLibraryView in Frames

Installing a signed certificate onto a storage system

You also need to install a signed certificate in a storage system if you are going to use the certificate authentication method for the IPsec protocol.

Before You Begin

If the certificate was signed by a Windows 2000 certificate authority, complete steps 1-8 of the "Installing a certificate signed by a Windows 2000 certificate authority onto a Windows client" procedure to install the certificate on a Windows client and export the certificate, including its private key, into a file.

Steps

  1. Copy the signed certificate onto the root volume of the storage system.

    For example, mount the storage system's root volume on an NFS client, such as your administration console, and then copy the file containing the signed certificate onto the storage system's root volume.

  2. If the signed certificate is in the Windows PKSC12 (*.pfx) format, convert it to the X.509 (*.pem) format.

    For example, use the openssl utility. For more information, search the Internet for "openssl."

  3. Install the signed certificate. At your storage system command line, enter the following command: keymgr install cert signed_certificate_file_name

    Here, signed_certificate_file_name is the full path to the file containing the signed certificate.

Parent topic: Configuring certificate authentication

Copyright © 1994-2008, NetApp, Inc. All rights reserved.
Part No. 210-04300_A0
Updated for Data ONTAP 7.3.1 on 12 December 2008