Dell EMC Isilon 換憑證筆記

先把憑證輸入到 isilon 的設備中

# vi /ifs/local/server.crt
# vi /ifs/local/server.key

匯入憑證

# isi certificate server import /ifs/local/server.crt /ifs/local/server.key

檢查憑證是否有正確匯入

# cat /usr/local/apache2/conf/ssl.crt/server.crt
# cat cat /usr/local/apache2/conf/ssl.key/server.key

將複製憑證到每個節點

# isi_for_array -s 'cp /ifs/local/server.key /usr/local/apache2/conf/ssl.key/server.key'
# isi_for_array -s 'cp /ifs/local/server.crt /usr/local/apache2/conf/ssl.crt/server.crt'

停止網頁服務

# isi services -a isi_webui disable

列表出目前所有的憑證

# isi certificate server list -v

變更新安裝的憑證為預設

# isi certificate settings modify  --default-https-certificate=267f2471b0484a8b9174f01736a178880fb86909deb445929b7b29cc8b6a3268

移除舊有的憑證

# isi certificate server delete ef33da9ed7784f5f84c672c9495555cf69b7d36d3b5e4a11b847c08cfa3d7395

繼續提供網頁服務

# isi services -a isi_webui enable

驗證憑證是否正確安裝

# echo QUIT | openssl s_client -connect localhost:8080

Leave a Reply

Your email address will not be published. Required fields are marked *

 

This site uses Akismet to reduce spam. Learn how your comment data is processed.