Hello I've downloaded a demo of OCB 4.1.1.2R1 virtual appliance. When attempting to add a/any filer to OCB using either predefined credentials or new ones, the response OCB comes back with is "Unauthorized". When connecting to the filer via HTTPS in a browser I get "Error 505 - HTTPS not supported". I believe my httpd options look fine:
netapp01> options http
httpd.access legacy
httpd.admin.access legacy
httpd.admin.enable on
httpd.admin.hostsequiv.enable off
httpd.admin.max_connections 512
httpd.admin.ssl.enable on
httpd.admin.top-page.authentication on
httpd.autoindex.enable on
httpd.bypass_traverse_checking off
httpd.enable on
httpd.ipv6.enable off
httpd.log.format common (value might be overwritten in takeover)
httpd.method.trace.enable off
httpd.rootdir /vol/vol0/home/http
httpd.timeout 300 (value might be overwritten in takeover)
httpd.timewait.enable off (value might be overwritten in takeover)
netapp01>
netapp01> options ssl
ssl.enable on
ssl.v2.enable on (same value required in local+partner)
ssl.v3.enable on (same value required in local+partner)
netapp01>
netapp01> secureadmin status
ssh2 - active
ssh1 - inactive
ssl - active
netapp01>
I've read that I could possible do 'secureadmin setup -f ssl' to regenerate the SSL certificates but I'm not sure I want to do that yet, as other things I use may depend on the installed certificate. Using SSH to get to the filer with the same credentials I'm telling OCB to use does work correctly. Any hints?
Ian Ehrenwald Senior Systems Administrator Hachette Book Group, Inc. 617.263.1948 - office 646.842.1261 - mobile ian.ehrenwald@hbgusa.commailto:ian.ehrenwald@hbgusa.com This may contain confidential material. If you are not an intended recipient, please notify the sender, delete immediately, and understand that no disclosure or reliance on the information herein is permitted. Hachette Book Group may monitor email to and from our network.
On OCB, go into the GUI and make sure the IP and the hostname match the virtual machine it is running on.
--tmac
*Tim McCarthy* *Principal Consultant*
Clustered ONTAP Clustered ONTAP NCDA ID: XK7R3GEKC1QQ2LVD RHCE6 110-107-141https://www.redhat.com/wapps/training/certification/verify.html?certNumber=110-107-141&isSearch=False&verify=Verify NCSIE ID: C14QPHE21FR4YWD4 Expires: 08 November 2014 Current until Aug 02, 2016 Expires: 08 November 2014
On Thu, Apr 24, 2014 at 4:18 PM, Ehrenwald, Ian Ian.Ehrenwald@hbgusa.comwrote:
Hello I've downloaded a demo of OCB 4.1.1.2R1 virtual appliance. When attempting to add a/any filer to OCB using either predefined credentials or new ones, the response OCB comes back with is "Unauthorized". When connecting to the filer via HTTPS in a browser I get "Error 505 - HTTPS not supported". I believe my httpd options look fine:
netapp01> options http
httpd.access legacy
httpd.admin.access legacy
httpd.admin.enable on
httpd.admin.hostsequiv.enable off
httpd.admin.max_connections 512
httpd.admin.ssl.enable on
httpd.admin.top-page.authentication on
httpd.autoindex.enable on
httpd.bypass_traverse_checking off
httpd.enable on
httpd.ipv6.enable off
httpd.log.format common (value might be overwritten in takeover)
httpd.method.trace.enable off
httpd.rootdir /vol/vol0/home/http
httpd.timeout 300 (value might be overwritten in takeover)
httpd.timewait.enable off (value might be overwritten in takeover)
netapp01>
netapp01> options ssl
ssl.enable on
ssl.v2.enable on (same value required in local+partner)
ssl.v3.enable on (same value required in local+partner)
netapp01>
netapp01> secureadmin status
ssh2 - active
ssh1 - inactive
ssl - active
netapp01>
I've read that I could possible do 'secureadmin setup -f ssl' to regenerate the SSL certificates but I'm not sure I want to do that yet, as other things I use may depend on the installed certificate. Using SSH to get to the filer with the same credentials I'm telling OCB to use does work correctly. Any hints?
Ian Ehrenwald Senior Systems Administrator Hachette Book Group, Inc. 617.263.1948 - office 646.842.1261 - mobile ian.ehrenwald@hbgusa.com This may contain confidential material. If you are not an intended recipient, please notify the sender, delete immediately, and understand that no disclosure or reliance on the information herein is permitted. Hachette Book Group may monitor email to and from our network.
Toasters mailing list Toasters@teaparty.net http://www.teaparty.net/mailman/listinfo/toasters
Hi Tim Forward and reverse DNS are set up correctly for this host, and the hostname in OCB > Admin > Configuration > Network is the same as the A record.
I did notice on the filer console I see "HTTP XML Authentication failed from 1.2.3.4" where 1.2.3.4 is the IP address of the OCB VM.
Ian Ehrenwald Senior Systems Administrator Hachette Book Group, Inc. 617.263.1948 - office 646.842.1261 - mobile ian.ehrenwald@hbgusa.commailto:ian.ehrenwald@hbgusa.com
From: tmac <tmacmd@gmail.commailto:tmacmd@gmail.com> Date: Thursday, April 24, 2014 at 5:06 PM To: Ian Ehrenwald <Ian.Ehrenwald@HbgUsa.commailto:Ian.Ehrenwald@HbgUsa.com> Cc: "toasters@teaparty.netmailto:toasters@teaparty.net" <toasters@teaparty.netmailto:toasters@teaparty.net> Subject: Re: OCB setup and filer addition
On OCB, go into the GUI and make sure the IP and the hostname match the virtual machine it is running on.
--tmac
Tim McCarthy Principal Consultant
[http://dl.dropbox.com/u/6874230/na_cert_dma_2c.jpg] [http://dl.dropbox.com/u/6874230/rhce.jpeg] [http://dl.dropbox.com/u/6874230/na_cert_ie-san_2c.jpg]
Clustered ONTAP Clustered ONTAP NCDA ID: XK7R3GEKC1QQ2LVD RHCE6 110-107-141https://www.redhat.com/wapps/training/certification/verify.html?certNumber=110-107-141&isSearch=False&verify=Verify NCSIE ID: C14QPHE21FR4YWD4 Expires: 08 November 2014 Current until Aug 02, 2016 Expires: 08 November 2014
On Thu, Apr 24, 2014 at 4:18 PM, Ehrenwald, Ian <Ian.Ehrenwald@hbgusa.commailto:Ian.Ehrenwald@hbgusa.com> wrote: Hello I've downloaded a demo of OCB 4.1.1.2R1 virtual appliance. When attempting to add a/any filer to OCB using either predefined credentials or new ones, the response OCB comes back with is "Unauthorized". When connecting to the filer via HTTPS in a browser I get "Error 505 - HTTPS not supported". I believe my httpd options look fine:
netapp01> options http
httpd.access legacy
httpd.admin.access legacy
httpd.admin.enable on
httpd.admin.hostsequiv.enable off
httpd.admin.max_connections 512
httpd.admin.ssl.enable on
httpd.admin.top-page.authentication on
httpd.autoindex.enable on
httpd.bypass_traverse_checking off
httpd.enable on
httpd.ipv6.enable off
httpd.log.format common (value might be overwritten in takeover)
httpd.method.trace.enable off
httpd.rootdir /vol/vol0/home/http
httpd.timeout 300 (value might be overwritten in takeover)
httpd.timewait.enable off (value might be overwritten in takeover)
netapp01>
netapp01> options ssl
ssl.enable on
ssl.v2.enable on (same value required in local+partner)
ssl.v3.enable on (same value required in local+partner)
netapp01>
netapp01> secureadmin status
ssh2 - active
ssh1 - inactive
ssl - active
netapp01>
I've read that I could possible do 'secureadmin setup -f ssl' to regenerate the SSL certificates but I'm not sure I want to do that yet, as other things I use may depend on the installed certificate. Using SSH to get to the filer with the same credentials I'm telling OCB to use does work correctly. Any hints?
Ian Ehrenwald Senior Systems Administrator Hachette Book Group, Inc. 617.263.1948tel:617.263.1948 - office 646.842.1261tel:646.842.1261 - mobile ian.ehrenwald@hbgusa.commailto:ian.ehrenwald@hbgusa.com This may contain confidential material. If you are not an intended recipient, please notify the sender, delete immediately, and understand that no disclosure or reliance on the information herein is permitted. Hachette Book Group may monitor email to and from our network.
_______________________________________________ Toasters mailing list Toasters@teaparty.netmailto:Toasters@teaparty.net http://www.teaparty.net/mailman/listinfo/toasters
This may contain confidential material. If you are not an intended recipient, please notify the sender, delete immediately, and understand that no disclosure or reliance on the information herein is permitted. Hachette Book Group may monitor email to and from our network.
-
Ehrenwald, Ian -
tmac