Skip to Main Content
IBM System Storage Ideas Portal


This portal is to open public enhancement requests against IBM System Storage products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Status Delivered
Created by Guest
Created on Dec 6, 2023

Renew Certificate for all clients

Now have many of our IBM Storage Protect Server been running for years and it is time to renew our certificate especially our self-signed version that many of our installations has been configured with. In the 8.1.20 Server version is it now possible to renew our certificate but the deployment to all our clients hasn't been fixed yet. 

But there is a issue with Storage Protect main design here where we can only use 1 certificate to be trusted, there for if we renew it on our server side we need at the same time renew it at the same day for all our clients manually. 

An idea is to have 1 Primary Certificate that is our preferred certificate and a Secondary Certificate that is a fall-back, in that way if we renew the certificate on the server side and make it as our primary certificate the clients that need to be renewed will then failed to communicate and it get's another chance to signin again with a backup certificate that could be the old certificate, and if that works Storage Protect Server will then push the Public Key for the Primary Certificate and then ask the client to relogin with the Primary Certificate, if that is successfully then can the client backup/restore or any other functions. 

This idea is very similar to the Transitional mode that we have today, but in this case you must already have a valid certificate that still are the backup certificate valid time period. 
If the client miss that transformation period, then should we go back to as it works today that you need to either change the node back to Transitional mode or manually add the certificate to the GSK Trust store.

Idea priority High
  • Admin
    Juan Carlos Jimenez Fuentes
    Reply
    |
    Dec 12, 2023

    This request has been delivered into a previously released version of the product, or imminently in the next available release.

    Please share feedback around the 4Q deliverables and if those satisfy the request.