#Nabox 3.5 openssl issue with 7mode filers

I have build up new Napox 3.5 appliance and I have problem to add 7mode filers to it, because an issue with version of openssl. I found a workround (https://stackoverflow.com/questions/71603314/ssl-error-unsafe-legacy-renegotiation-disabled), but I have the problem to find out correct environment file for permanent export of customized openssl config.

@haughty eagle

Is your 7mode system running the latest ONTAP release ?

You can try applying that KB indeed, but I’m not sure it’ll work in the context of nabox api container. In your case it might be easier ton configure your cluster without the web ui directly in harvest.yml

To apply the KB I would try using docker-compose.override.yaml in /usr/local/nabox and declare the environment variable for nabox-harvest2 container.

You can place the file in a directory mapped to harvest 2 like harvest conf

Yes, I have the latest version (8.2.5) running on my 7mode filers.
Thx for some tips.

Also, you can try to configure it manually at least to check Harvest won't have an issue down the road

I have fixed my issue. Thank you.

Did you do it through the method above ?

I don't know if this is the same problem the OP had, but with NABOX 4.04 I am getting this error when trying to add 8.2.5 7-mode system: remote error: tls: handshake failure "tls.enable" is set to "on" on the node.

Is that P5 ?

My mistake, it's NetApp Release 8.2.4P4 7-Mode.

ewww

I know.

All right, just in case, verify tls settings, but I think you'll need an ontap upgrade

"tls.enable" is "on". I've used the old OnCommand System Manager to re-generate a self-signed SSL cert. Anything else?

If this won't work, you wouldn't happen to know where I can get a copy & license for the last release of DFM/OnCommand? It's finally gone from the NetApp support site.

Deparate to get some monitoring on this old cluster.

That would be a ONTAP upgrade, not DFM. What version of Harvest is it ?

Whatever came with NaBox 4.0.4.