Skip to main content
NetApp Stage KB

Conversion of backup on On-prem to AWS S3 over AWS S3 private link from HTTP to HTTPS fails with certificate or connectivity error

Views:
Visibility:
Public
Votes:
0
Category:
cloud-backup-service
Specialty:
CLOUD
Last Updated:

Applies to

  • Cloud Manager
  • Backup enable on On-Prem
  • AWS S3
  • AWS S3 Private Link
  • HTTPS
  • Path Style URL
  • Cloud Backup Services (CBS)
  • Intercluster lif in non-default IPspace

Issue

Conversion of Cloud Backup from On-prem to AWS S3 over AWS S3 private link over AWS VPC Endpoint Interface from HTTP to HTTPS fails on ONTAP CLI with certificate or connectivity error

OnPremCluster::*> snapmirror object-store config modify -is-ssl-enabled true -is-certificate-validation-enabled true -object-store-name netapp-backup-15d64678-1bc9-11ec-950d-95d34ca056b5 -port 443
Error: command failed: Failed to modify object store configuration during config modify for Vserver "OnPremCluster", object store "netapp-backup-15d64678-1bc9-11ec-950d-95d34ca056b5". (confirmation needed)


OnPremCluster::*> set -confirmations off

OnPremCluster::*> snapmirror object-store config modify -is-ssl-enabled true -is-certificate-validation-enabled true -object-store-name netapp-backup-15d64678-1bc9-11ec-950d-95d34ca056b5 -port 443
Error: command failed: Failed to modify object store configuration during config modify for Vserver "OnPremCluster", object store "netapp-backup-15d64678-1bc9-11ec-950d-95d34ca056b5". (Cannot verify availability of the object store from node OnPremCluster-01. Reason: Cannot verify the certificate given by the object store server. It is possible that the certificate has not been installed on the cluster. Use the 'security certificate install -type server-ca' command to install it..)

OnPremCluster::*> snapmirror object-store config modify -is-ssl-enabled true -is-certificate-validation-enabled false -object-store-name netapp-backup-15d64678-1bc9-11ec-950d-95d34ca056b5 -port 443
Error: command failed: Failed to modify object store configuration during config modify for Vserver "OnPremCluster", object store "netapp-backup-15d64678-1bc9-11ec-950d-95d34ca056b5". (Certificate validation must be enabled for object store provider AWS_S3.)

OnPremCluster::*> set -confirmations on

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.
60c61eb0-d1e2-4389-89cd-8ddde0443667