Brocade Communications Systems Brocade 8/12c Administrator's Manual page 154

Supporting HP Secure Key Manager (SKM) environments and HP Enterprise Secure Key Manager (ESKM) environments

Steps for connecting to an SKM or ESKM appliance

NOTE
If the maximum number of certificates is exceeded, the following message is displayed.
Maximum number of certificates exceeded. Delete an unused certificate with the 'cryptocfg –delete –file' command and then try again.

6. Enter the cryptocfg --show -file -all command on the group leader to verify that you have imported all necessary certificates.
The following example shows the member node CP certificate that was imported earlier to the group leader.

SecurityAdmin:switch>cryptocfg --show -file -all
File name: enc_switch1_cp_cert.pem, size: 1338 bytes

7. On the group leader, register each node you are planning to include in the encryption group. Enter the cryptocfg --reg -membernode command with appropriate parameters to register the member node. Specify the member node's WWN, Certificate filename, and IP address when executing this command. Successful execution of this command distributes all necessary node authentication data to the other members of the group.

SecurityAdmin:switch>cryptocfg --reg -membernode \
10:00:00:05:1e:39:14:00 enc_switch1_cert.pem 10.32.244.60
Operation succeeded.

NOTE
The order in which member node registration is performed defines group leader succession. At any given time there is only one active group leader in an encryption group. The group leader succession list specifies the order in which group leadership is assumed if the current group leader is not available.

8. Display encryption group member information. This example shows the encryption group brocade with two member nodes, one group leader and one regular member. No key vault or HA cluster is configured, and the values for master key IDs are zero.

SecurityAdmin:switch>cryptocfg --show -groupmember -all
NODE LIST
Total Number of defined nodes:2
Group Leader Node Name: 10:00:00:05:1e:41:9a:7e
Encryption Group state: CLUSTER_STATE_CONVERGED
Node Name: 10:00:00:05:1e:41:9a:7e (current node)
State: DEF_NODE_STATE_DISCOVERED
Role: GroupLeader
IP Address: 10.32.244.71
Certificate: GL_cpcert.pem
Current Master Key State: Not configured
Current Master KeyID: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Alternate Master Key State:Not configured
Alternate Master KeyID: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
EE Slot: 0
SP state: Operational; Need Valid KEK
Current Master KeyID: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Alternate Master KeyID: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
No HA cluster membership
Node Name: 10:00:00:05:1e:39:14:00
State: DEF_NODE_STATE_DISCOVERED
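
The following Python script is an added example, not part of the manual or of Fabric OS. It parses a saved copy of the cryptocfg --show -groupmember -all listing from step 8 and reports nodes that are missing from or unexpected in the encryption group, along with unset master keys. The function names are hypothetical, and treating the states shown in the manual's example (CLUSTER_STATE_CONVERGED, DEF_NODE_STATE_DISCOVERED) as the expected ones is an assumption.

```python
ZERO_ID = ":".join(["00"] * 16)  # all-zero master key ID
# Listing copied from the manual's example for step 8 (truncated there as well).
SAMPLE = f"""NODE LIST
Total Number of defined nodes:2
Group Leader Node Name: 10:00:00:05:1e:41:9a:7e
Encryption Group state: CLUSTER_STATE_CONVERGED
Node Name: 10:00:00:05:1e:41:9a:7e (current node)
State: DEF_NODE_STATE_DISCOVERED
Role: GroupLeader
IP Address: 10.32.244.71
Certificate: GL_cpcert.pem
Current Master Key State: Not configured
Current Master KeyID: {ZERO_ID}
Alternate Master Key State:Not configured
Alternate Master KeyID: {ZERO_ID}
EE Slot: 0
SP state: Operational; Need Valid KEK
Current Master KeyID: {ZERO_ID}
Alternate Master KeyID: {ZERO_ID}
No HA cluster membership
Node Name: 10:00:00:05:1e:39:14:00
State: DEF_NODE_STATE_DISCOVERED"""

def parse_group(text):
    """Return (group fields, per-node dicts); the first value of a repeated key wins."""
    group, nodes = {}, []
    for line in text.splitlines():
        key, sep, val = (p.strip() for p in line.partition(":"))
        if sep and key == "Node Name":
            nodes.append({"wwn": (val.split() or ["?"])[0]})
        elif sep:  # lines without ":" (e.g. "NODE LIST") are headings
            (nodes[-1] if nodes else group).setdefault(key, val)
    return group, nodes

def audit(text, expected_wwns):
    """List deviations from the expected members and from the example's states."""
    group, nodes = parse_group(text)
    seen, want = {n["wwn"] for n in nodes}, set(expected_wwns)
    out = [f"missing node {w}" for w in sorted(want - seen)]
    out += [f"unexpected node {w}" for w in sorted(seen - want)]
    if group.get("Encryption Group state") != "CLUSTER_STATE_CONVERGED":
        out.append("group not converged")
    for n in nodes:
        if n.get("State") != "DEF_NODE_STATE_DISCOVERED":
            out.append(f"{n['wwn']}: state {n.get('State')}")
        if n.get("Current Master KeyID") == ZERO_ID:
            out.append(f"{n['wwn']}: master key ID is all zeros")
        if "Need Valid KEK" in n.get("SP state", ""):
            out.append(f"{n['wwn']}: SP needs a valid KEK")
    return out
```

Pass audit() the WWNs you registered in step 7 plus the group leader's WWN. An empty list means the listing matches the expected membership and states.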
Fabric OS Encryption Administrator's Guide
53-1002159-03

This manual is also suitable for:

Fabric os encryption