Installing the self-signed root CA certificate on the SVM
If LDAP authentication with TLS is required when binding to LDAP servers, you must first install the self-signed root CA certificate on the SVM.
About this task
Starting in ONTAP 9.4, all applications within ONTAP that use TLS communications can check digital certificate status using Online Certificate Status Protocol (OCSP). If OCSP is enabled for LDAP over TLS, revoked certificates are rejected and the connection fails.
- Install the self-signed root CA certificate:
- Verify that the certificate is installed: security certificate show -vserver vserver_name
Give documentation feedback