Skip to main content

security key-manager certificate update

(DEPRECATED)-Update key manager SSL certificates

Availability: This command is available to cluster administrators at the admin privilege level.

Description

Note
This command is deprecated and might be removed in a future release of Data ONTAP.
This command updates the SSL/TLS certificate in-place without requiring the original SSL/TLS certificate to be deleted. This command is not supported when onboard key management is enabled.

Parameters

-type {client|server} - (DEPRECATED)-SSL Certificate Type
This parameter is either "client" or "server". If "client", the internal client certificate is replaced. If "server", the internal server certificate is replaced.
[-address <IP Address>] - (DEPRECATED)-Key Manager IP Address
This parameter updates the key manager server certificate for a particular key management server at the given IP address.

Examples

The following example is for updating a server certificate:

cluster-1::> security key-manager certificate update -type server -address 10.232.186.8

Node: node1
Key manager 10.232.186.8  certificate-authority certificate will be updated.
Update successful.


Node: node2
Key manager 10.232.186.8  certificate-authority certificate will be updated.
Update successful.

The following example is for updating a client certificate:

cluster-1::> security key-manager certificate update -type client

Node: node1
The system client certificate registered with key manager will be updated.
Update successful.


Node: node2
The system client certificate registered with key manager will be updated.
Update successful.