CSR SSL Instructions? | NetApp | Page 1

safe crown May 30, 2023, 10:56 AM

#

Hello All, Looking for any instructions to generate a self signed CSR request please

safe crown May 30, 2023, 11:15 AM

#

does it need the /n at the start and end?

velvet parrot May 30, 2023, 11:30 AM

#

Here is the reference document for the same: https://netapp.github.io/harvest/23.05/prepare-cdot-clusters/#using-certificate-authentication

safe crown May 30, 2023, 11:33 AM

#

this is for the applciation ssl not for ontap

safe crown May 30, 2023, 4:07 PM

#

Some further info, I have a CSR generated but when using a decoder on our CSR server its not decoding it.

errant dove Jun 5, 2023, 6:23 AM

#

You're putting the CSR in a JSON, where is that going ? I sign CSR coming from ontap in hashicorp vault in the UI without issues, but I guess it depends on the CA

safe crown Jun 5, 2023, 10:11 AM

#

So the CSR is from swagger of Nabox and then I past into our SSL server but its unable to decode, I have tryed it using just begin and end request. Not sure where I have went wrong tbh

safe crown Jun 8, 2023, 3:12 PM

#

Any ideas with this one?

errant dove Jun 9, 2023, 7:19 PM

#

Ok I see, the json is specific to NAbox, what your CA needs is just the Base64 encoded part including "--- BEGIN --- --- END---" markers

#

And probably get rid of the \n in a text editor, didn't find a way around that

safe crown Jun 13, 2023, 2:42 PM

#

So just start with the "base all the way until the end marker?

safe crown Jun 13, 2023, 3:10 PM

#

Seems to have been the \n causing the issue. I've got my PKS from the CA, how do I install it?

errant dove Jun 14, 2023, 2:24 PM

#

What’s the PKS ? The private key ?

#

You use the same API I believe it’s a POST request and you can leave the private key out, just putting the certificate but you might have to reformat it the same as you got it

safe crown Jun 21, 2023, 3:22 PM

#

It was the certificate, Still getting no where, imported it and still erroring

errant dove Jun 21, 2023, 5:53 PM

#

Ok let me reproduce here

#

I'll keep you posted

errant dove Jun 23, 2023, 9:44 AM

#

All right it's working indeed, I'm putting together something in the docuementation

errant dove Jun 23, 2023, 10:01 AM

#

https://nabox.org/faq/#working-with-certificate-signing-request

safe crown Jun 26, 2023, 3:08 PM

#

errant dove Jun 27, 2023, 5:59 AM

#

What did you get back from your CA exactly ? In my case I get a certificate and the certificate chain. I paste the certificate for the server first, then the intermediate certificate.

Did you get a new private key by any chance ?

safe crown Jun 27, 2023, 1:51 PM

#

I just got the cert mate that was it

errant dove Jun 27, 2023, 2:36 PM

#

ok send me an email to help@nabox.org we'll plan a remote session

safe crown Jun 30, 2023, 12:22 PM

#

Cheers mate

errant dove Jul 3, 2023, 7:21 AM

#

did you send an email ?

#CSR SSL Instructions?