ONTAP 9.14.1 commands

security ipsec ca-certificate add

Add CA certificate(s) to a vserver

Availability: This command is available to cluster and Vserver administrators at the admin privilege level.


This command adds a list of CA certificates to IPsec for the given Vserver. These certificates will be used for PKI authentication with remote IKE endpoint. The CA certificates should have already been installed using either security certificate install command or security certificate create command.


-vserver <vserver name> - Vserver Name

Use this parameter to specify the Vserver for which the IPsec CA certificates should be added.

-ca-certs <text>,…​ - CA Certificate Names

Use this parameter to specify the list of CA certificates to be added to IPsec.


The following example adds two IPsec CA certificates named caCert1 and caCert2 to Vserver v1.

cluster-1::>security ipsec ca-certificate add -vserver v1 -ca-certs caCert1,caCert2
Top of Page