FIGURE 220
9. Select Sign with Certificate Authority from the drop-down list. (The example is using
10. Select Client as Certificate Purpose.
11. Set Certificate Duration. Default is 3649 days (recommended).
12. Paste the file contents that you copied in step 3 in the Certificate Request area.
13. Select Sign Request.
14. Download the signed certificate to your local system as signed_kac_eskm_cert.pem or
Importing a signed KAC certificate into a switch
After a KAC CSR has been submitted and signed by a CA, the signed certificate must be imported
into the switch.
NOTE
This operation can be performed only after the switch is added to the encryption group.
1. Select Configure > Encryption from the menu task bar to display the Encryption Center
2. Select a switch from the Encryption Center Devices table, then select Switch > Import
Brocade Network Advisor SAN User Manual
53-1002696-01
Steps for connecting to a KMIP appliance (SafeNet KeySecure)
Certificate and CA Configuration page - Sign Certificate Request
"SafeNetCA (maximum of 3550 days)".
signed_kac_skm_cert.pem, depending on your key vault type.
This file is ready to be imported to the encryption switch or blade.
dialog box (Refer to
Figure 185
Certificate from the menu task bar.
on page 526).
20
585