PowerStore:将第三方管理证书恢复为自签名证书

Summary: 对于 PowerStore 3.0,PSTCLI 中内置了将第三方证书恢复为自签名证书的功能。 本知识库文章介绍了该过程。

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Instructions

提醒:对于具有远程系统对象的群集,请在开始之前运行验证和更新过程。如果验证和更新失败,请先解决问题,然后再继续更换证书。

打开与 PowerStore 的 PSTCLI 连接。从设备上的服务 shell 或从安装了 PSTCLI 插件并连接到管理网络的工作站执行此操作。使用以下命令: 
pstcli -d <cluster management IP> -session

输入管理员凭据后,该命令会将提示符更改为: 
cli>

运行以下命令以检查当前证书: 
cli> x509_certificate show
命令输出将返回设备上当前证书的列表: 
cli> x509_certificate show
 #  |                  id                  |         type         |     service      | is_current | is_valid
----+--------------------------------------+----------------------+------------------+------------+----------
  1 | af54dc96-a699-477a-b964-ffb4d84e867f | Server               | Management_HTTP  | no         | no      
  2 | 3126a72e-c5c6-49fd-8588-83c7fc54286c | Server               | Management_HTTP  | yes        | yes     
  3 | 206c6ac1-9894-44e7-8ce7-a79e40a01530 | Server               | Management_HTTP  | yes        | yes     
  4 | 4e8d100e-e0b6-41f6-8b12-b363ae79c748 | CA_Client_Validation | Replication_HTTP | yes        | yes     
  5 | e1451f9f-dad9-41be-8871-22eb8eda98b2 | CA_Server_Validation | Replication_HTTP | yes        | yes     
  6 | c968584b-1cba-486e-bdd4-b243585081bd | Server               | VASA_HTTP        | yes        | yes     
  7 | 6fc8118c-7d82-4ab2-8868-943cc83afc77 | CA_Server_Validation | Replication_HTTP | yes        | yes     
  8 | 00cb3262-c631-4f7b-9a76-13e4e29d09d2 | CA_Client_Validation | Replication_HTTP | yes        | yes     
  9 | 21999f77-cd1d-46d3-8b07-10d0431abf7c | CA_Server_Validation | Import_HTTP      | yes        | yes     
 10 | e19110de-f58c-4558-b51a-78feca86f166 | Client               | Replication_HTTP | yes        | yes
接下来,运行以下命令以替换管理证书: 
cli> x509_certificate reset_certificates -service Management_HTTP -scope External

这会将您的证书从第三方证书恢复为自签名证书。再次运行 show 命令会显示当前有效的 management_HTTP 证书的不同证书 ID: 
cli> x509_certificate show
 #  |                  id                  |         type         |     service      | is_current | is_valid
----+--------------------------------------+----------------------+------------------+------------+----------
  1 | af54dc96-a699-477a-b964-ffb4d84e867f | Server               | Management_HTTP  | no         | no      
  2 | 48929a4d-c8eb-41ab-b0f6-e39157742e05 | Server               | Management_HTTP  | yes        | yes     
  3 | fa474287-9035-404d-a007-fa971e62ce43 | Server               | Management_HTTP  | yes        | yes      
  4 | 4e8d100e-e0b6-41f6-8b12-b363ae79c748 | CA_Client_Validation | Replication_HTTP | yes        | yes     
  5 | e1451f9f-dad9-41be-8871-22eb8eda98b2 | CA_Server_Validation | Replication_HTTP | yes        | yes     
  6 | c968584b-1cba-486e-bdd4-b243585081bd | Server               | VASA_HTTP        | yes        | yes     
  7 | 6fc8118c-7d82-4ab2-8868-943cc83afc77 | CA_Server_Validation | Replication_HTTP | yes        | yes     
  8 | 00cb3262-c631-4f7b-9a76-13e4e29d09d2 | CA_Client_Validation | Replication_HTTP | yes        | yes     
  9 | 21999f77-cd1d-46d3-8b07-10d0431abf7c | CA_Server_Validation | Import_HTTP      | yes        | yes     
 10 | e19110de-f58c-4558-b51a-78feca86f166 | Client               | Replication_HTTP | yes        | yes
使用此流程有任何疑问或问题,请联系 戴尔技术支持

Affected Products

PowerStore 1000T, PowerStore 1200T, PowerStore 3000T, PowerStore 3200T, PowerStore 5000T, PowerStore 500T, PowerStore 5200T, PowerStore 7000T, PowerStore 9000T
Article Properties
Article Number: 000223823
Article Type: How To
Last Modified: 02 Jul 2025
Version:  3
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.