This is likely bug 816595. Fixed in 8.3.1. (I know that doesn’t help you get it working on your current version)
http://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=816595
You can use HTTP. There are also some potential alternate options, but you’d need to contact support.
From: toasters-bounces@teaparty.net [mailto:toasters-bounces@teaparty.net]
On Behalf Of Tony Bar
Sent: Friday, August 28, 2015 2:00 PM
To: toasters@teaparty.net
Subject: Questions about Cert CAs with software updates in CDOT
Toasters -
This is a new one to me, but I'm sure my customer here isn't the only one out there who issues self-signed certs with custom names. Has anyone else run into this before and if so, what did you have to do to resolve? We've tried doing
a symlink from her cert to the expected name/path but that doesn't help. Is there perhaps a hidden option like "-k -O" in Unix application "curl" or an alternate method for downloading the updates?
Output of what I'm seeing below, any help would be appreciated:
<clustername>::> system node image update -node <cluster>-01 -package https://<webhost>/util/83P2_q_image.tgz -replace-package true
Install Failed.
Failed to download package from
https://<webhost>/util/83P2_q_image.tgz. Error: Problem with the SSL
CA cert (path? access rights?) : error setting certificate verify locations:
CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
Error: command failed: Install Failed. Failed to download package from
https://<webhost>/util/83P2_q_image.tgz. Error: Problem with
the SSL CA cert (path? access rights?) : error setting certificate
verify locations:
CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
We do not have access to FTP or TFTP options, the customer is a financial services company so their network is pretty locked down without many (if any) options to work with.
Thanks again!
Anthony Bar
(650) 207-5368
www.berkcom.com