You can request a signed certificate from a non-Windows 2000 certificate authority.
To request a signed certificate from a non-Windows 2000 certificate authority, follow the instructions on the certificate authority's web site. Non-Windows 2000 certificate authorities typically require you to generate and submit a certificate signing request.
To generate a certificate signing request for a certificate that you will be installing on a Windows client, use the openssl utility. For more information, search the Internet for "openssl."
cert_file_name is the name of the file into which to store the unsigned certificate. Data ONTAP stores this file in the /etc/keymgr/cert directory.
key_length is the length of the private key in bits. For example, 1024.
key_file_name is the name of the file in which to store the private key. Data ONTAP stores this file in the /etc/keymgr/key directory.
two_character_country_code is the two-character abbreviation for the country where the storage system is located without punctuation. For example, US or CA.
full_state_name is the full name of the state where the storage system is located. For example, California or Washington.
organization_name is the name of the organization or company running the storage system.
organization_locality is the city where the storage system is located. For example, Sunnyvale or Berkeley.
unit_name is name of the department or organization unit running the storage system.