Uploading CA Certificates from Non-root CAs (CLI) - Oracle® ZFS Storage Appliance Administration Guide, Release OS8.7.0

Go to main content

Oracle^® ZFS Storage Appliance Administration Guide, Release OS8.7.0

Exit Print View

» ...Documentation Home » Oracle ZFS Storage Appliance, Release OS8.7.0 ... » Oracle^® ZFS Storage Appliance ... » Configuring the Appliance » Configuring Certificates » Uploading CA ...

Updated: July 2017

Oracle^® ZFS Storage Appliance Administration Guide, Release OS8.7.0

Document Information

About the Oracle ZFS Storage Appliance

Configuring the Appliance

Initial Appliance Configuration

Appliance Cluster Configuration

Cluster Configuration BUI View

Upgrading a Standalone Appliance to a Clustered Configuration (BUI)

Shutting Down a Clustered Configuration (BUI)

Shutting Down a Clustered Configuration (CLI)

Cluster Terminology

Understanding Clustering

Cluster Advantages and Disadvantages

Cluster Interconnect I/O

Cluster Resource Management

Cluster Takeover and Failback

Configuration Changes in a Clustered Environment

Clustering Considerations for Storage

Clustering Considerations for Networking

Private Local IP Interfaces

Clustering Considerations for InfiniBand

Preventing Split-Brain Conditions

Estimating and Reducing Takeover Impact

Network Configuration

Network Configuration (BUI)

Network Configuration (CLI)

Working with Network Configuration

Configuring Management Interfaces

Configuring Network Datalinks

Configuring Network Interfaces

Configuring Network IP MultiPathing (IPMP)

Configuring Network Performance and Availability

Configuring Network Routing

Configuring Storage

Creating a Storage Pool (BUI)

Creating a Storage Pool (CLI)

Importing an Existing Storage Pool (BUI)

Importing an Existing Storage Pool (CLI)

Configuring an All-Flash Storage Pool (BUI)

Configuring an All-Flash Storage Pool (CLI)

Adding a Disk Shelf to an Existing Storage Pool (BUI)

Adding a Disk Shelf to an Existing Storage Pool (CLI)

Adding a Cache, Meta, or Log Device to an Existing Storage Pool (BUI)

Adding a Cache, Meta, or Log Device to an Existing Storage Pool (CLI)

Removing a Cache or Log Device from an Existing Storage Pool (BUI)

Removing a Cache or Log Device from an Existing Storage Pool (CLI)

Unconfiguring a Storage Pool (BUI)

Unconfiguring a Storage Pool (CLI)

Renaming a Storage Pool (BUI)

Renaming a Storage Pool (CLI)

Scrubbing a Storage Pool (BUI)

Scrubbing a Storage Pool (CLI)

Viewing Pool and Device Status (BUI)

Storage Pool Concepts

Data Profiles for Storage Pools

Understanding the Appliance Status

Dashboard Status

Summary of Memory Use

Disk Activity Dashboard

Running the Dashboard Continuously

Status Dashboard Settings

Changing the Displayed Activity Statistics

Changing the Activity Thresholds

Configuring Storage Area Network (SAN)

Configuring FC Port Modes (BUI)

Discovering FC Ports (BUI)

Creating FC Initiator Groups (BUI)

Associating a LUN with an FC Initiator Group (BUI)

Changing FC Port Modes (CLI)

Discovering FC Ports (CLI)

Creating FC Initiator Groups (CLI)

Associating a LUN with an FC Initiator Group (CLI)

Scripting Aliases for Initiators and Initiator Groups (CLI)

Creating an Analytics Worksheet (BUI)

Configuring SAN iSER Targets

Adding an iSCSI Target with an Auto-generated IQN (CLI)

Adding an iSCSI Target with a Specific IQN and RADIUS Authentication (CLI)

Adding an iSCSI Initiator with CHAP Authentication (CLI)

Adding an iSCSI Target Group (CLI)

Adding an iSCSI Initiator Group (CLI)

Configuring SRP Target (BUI)

Configuring SRP Targets (CLI)

Understanding SAN

SAN Fibre Channel Configuration

SAN iSCSI Configuration

SAN iSCSI Initiator Configuration

SAN SRP Configuration

SAN Terminology

Configuring Users

Adding an Administrator or User (BUI)

Adding an Administrator or User (CLI)

Changing a User Password (BUI)

Changing a User Password (CLI)

Editing Exceptions for a User (BUI)

Editing Exceptions for a User (CLI)

Deleting Exceptions for a User (BUI)

Deleting Exceptions for a User (CLI)

Adding a Role (BUI)

Adding a Role (CLI)

Editing Authorizations for a Role (BUI)

Editing Authorizations for a Role (CLI)

Deleting Authorizations from a Role (BUI)

Deleting Authorizations from a Role (CLI)

Adding a User Who Can View the Dashboard

Understanding Users and Roles

User Authorizations

Managing User Properties

Setting Appliance Preferences

Setting Preferences (BUI)

Setting Preferences (CLI)

Setting SSH Public Keys (BUI)

Setting SSH Public Keys (CLI)

Preference Properties

Configuring Alerts

Adding an Alert Action (BUI)

Adding an Alert Action (CLI)

Sending Email Alerts (CLI)

Sending an SNMP Trap (CLI)

Alert Categories

Threshold Alerts

Resuming/Suspending Analytics Datasets and Worksheets

Configuring Certificates

Creating a New Server Certificate (BUI)

Creating a New Server Certificate (CLI)

Uploading CA Certificates from Non-root CAs (BUI)

Uploading CA Certificates from Non-root CAs (CLI)

Viewing CSR and Certificate Details (BUI)

Viewing CSR and Certificate Details (CLI)

Destroying a CSR or Certificate (BUI)

Destroying a CSR or Certificate (CLI)

Setting the Appliance Certificate (BUI)

Setting the Appliance Certificate (CLI)

Uploading Trusted Certificates (BUI)

Uploading Trusted Certificates (CLI)

Viewing Trusted Certificate Details (BUI)

Viewing Trusted Certificate Details (CLI)

Destroying a Trusted Certificate (BUI)

Destroying a Trusted Certificate (CLI)

Assigning a Certificate to a Service (BUI)

Assigning a Certificate to a Service (CLI)

Appliance Services

Shares and Projects

Shadow Migration

Snapshots and Clones

Remote Replication

Data Encryption

Maintenance Workflows

Language:

Uploading CA Certificates from Non-root CAs (CLI)

If your server certificate is signed by a non-root CA, you also need to obtain certificates for the second- and higher-level CAs. After obtaining these CA certificates, use the following steps to upload them.

To upload a certificate, enter the configuration settings certificates system context, and enter the import command.

hostname:configuration settings certificates system> import
("." to end)> -----BEGIN CERTIFICATE-----
("." to end)> MIID0DCCArigAwIBAgIBQDANBgkqhkiG9w0BAQUFADCBmDELMAkGA1UEBhMCVVMx
  ...
("." to end)> 2ai9ZwREdTkcjcgQDxeHNZCpcHk=
("." to end)> -----END CERTIFICATE-----
("." to end)> .

Repeat step 1 for each signed certificate.

To check the imported certificates, view all certificate entries using the command show.

hostname:configuration settings certificates system> show
Properties:
                default = auto
System Certificates:
CERT     TYPE SUBJECT                   ISSUER                    EXPIRES   
cert-000 req  hostname.us.example.com     
cert-001 CA   Joe Test CA              Joe Test CA               2038-1-19
cert-002 cert hostname.us.example.com  Joe Test CA               2038-1-21

Copyright © 2009, 2017, Oracle and/or its affiliates. All rights reserved.