Fixing Certificate Errors on NetApp E-Series Systems: A Quick Guide

As a datacenter consultant, I recently encountered certificate issues with NetApp E-Series systems. Today, I’ll share a practical solution that saved me during a recent troubleshooting session.

The Certificate Challenge

When managing E-Series storage systems through SANtricity, you might encounter these frustrating error messages:

  • “Unable to find valid certification path for certificate (Web Server 422)”
  • “The controller could not be contacted”
  • Certificate status showing as “unknown” for the partner controller

The Quick Fix

The fastest way to resolve these issues is to reset the certificates using the REST API. Here’s how:

# Reset certificates on both controllers
curl -k -u admin -H "Accept: application/json" -X POST "https://node1.domain.com:8443/devmgr/v2/certificates/reset" 
curl -k -u admin -H "Accept: application/json" -X POST "https://node2.domain.com:8443/devmgr/v2/certificates/reset"

This command generates new self-signed certificates for both controllers[1]. The -k flag tells curl to proceed despite certificate warnings.

What’s Happening Behind the Scenes?

When you reset the certificates, SANtricity automatically:

  1. Generates new self-signed certificates for both controllers
  2. Restarts the web services
  3. Establishes fresh trust between controllers

Best Practices

While this quick fix works great for testing and development, for production environments you should:

  1. Generate proper Certificate Signing Requests (CSRs)
  2. Get them signed by your Certificate Authority
  3. Import the signed certificates back into SANtricity

Pro Tips

  • Always verify your system time is correct before troubleshooting certificate issues
  • Keep track of certificate expiration dates
  • Consider implementing automated certificate management for your E-Series systems
  • Document the procedure for your team

Remember, while self-signed certificates are convenient for testing, they’re not recommended for production environments. Always follow your organization’s security policies regarding certificate management.

Happy storage managing! 🚀

Sources
https://storage-system.fujitsu.com/manual/en/abhb-sol/web-services-proxy/certificates-intro-concept.html

Leave a comment

Create a website or blog at WordPress.com

Up ↑