xfwljd
1 Nickel

VNX5300证书

转到解答

VNX5300证书过期了,有人知道怎么处理吗,有详细文档吗?或者指点一下!谢谢!20180321135557.png

标签 (1)
标记 (2)
0 项奖励
1 个已接受解答

已接受的解答
sunxingxing
1 Copper

Re: VNX5300证书

转到解答

When you click on the details of the certificate you will find that the certificate "valid to": date has expired.

1. Change the time on your PC/Laptop "from time" to be between the certificate "Valid from:" and "Valid to:"  time.
2. Connect via Unisphere to the System and sellect the SPA properties
3. Change the SPA time to the current local time.
4. Login as administrator user like sysadmin to the array via https://SPA_IP/setup.
5. Select "Manage SSL/TLS Certificate"

There are two possible scenarios here, either a self signed certificate is in use or a CA signed certificate is in use. The more common one is a self-signed certificate but either way works depending on the needs of the environment and whether or not there is a valid CA server that can sign the CSR generated in unisphere.

(Option 1)
Generate a self-signed certificate(See KB 000320471 for more detail):
1. Click "Generate a Self-Signed Certificate"

(Option 2)
Create a customer signed CA cert (See KB 000331310 for more detail) :
1. Click Generate CSR (Certificate Signing Request)
2. Once the signing request is created have the customer get the CSR signed by their CA server.
3. Once the CSR is signed it needs to be imported onto the SP. Go back to "Manage SSL/TLS Certificate"
4. Click "Import Certificate"
5. Upload the certificate that was signed by the CA server.

Once the new certificate is in place repeat the same steps on SPB and then verify that unisphere is now accessible.


KB:https://emcservice.force.com/CustomersPartners/kA2f1000000G4rvCAC

0 项奖励
1 条回复1
sunxingxing
1 Copper

Re: VNX5300证书

转到解答

When you click on the details of the certificate you will find that the certificate "valid to": date has expired.

1. Change the time on your PC/Laptop "from time" to be between the certificate "Valid from:" and "Valid to:"  time.
2. Connect via Unisphere to the System and sellect the SPA properties
3. Change the SPA time to the current local time.
4. Login as administrator user like sysadmin to the array via https://SPA_IP/setup.
5. Select "Manage SSL/TLS Certificate"

There are two possible scenarios here, either a self signed certificate is in use or a CA signed certificate is in use. The more common one is a self-signed certificate but either way works depending on the needs of the environment and whether or not there is a valid CA server that can sign the CSR generated in unisphere.

(Option 1)
Generate a self-signed certificate(See KB 000320471 for more detail):
1. Click "Generate a Self-Signed Certificate"

(Option 2)
Create a customer signed CA cert (See KB 000331310 for more detail) :
1. Click Generate CSR (Certificate Signing Request)
2. Once the signing request is created have the customer get the CSR signed by their CA server.
3. Once the CSR is signed it needs to be imported onto the SP. Go back to "Manage SSL/TLS Certificate"
4. Click "Import Certificate"
5. Upload the certificate that was signed by the CA server.

Once the new certificate is in place repeat the same steps on SPB and then verify that unisphere is now accessible.


KB:https://emcservice.force.com/CustomersPartners/kA2f1000000G4rvCAC

0 项奖励