Node; Information Not Included In An Upload; Steps Before Configuration Download - Brocade Communications Systems Brocade 8/12c Administrator's Manual

Configuration upload at an encryption group member node
A configuration upload at an individual encryption group member node contains the following:
•
•
•

Information not included in an upload

The following certificates will be not be present when the configuration is downloaded:
•
•
The Authentication Quorum size is included in the configuration upload for read-only purposes, but
is not set by a configuration download.

Steps before configuration download

The configuration download does not have any certificates, public or private keys, master key, or
link keys included. Perform following steps prior to configuration download to generate and obtain
the necessary certificates and keys:
1. Use the following commands to initialize the encryption engine
2. Import peer nodes/switches certificates onto the switch prior to configuration download.
3. Import key vault certificates onto switch prior to configuration download.
4. Create an encryption group with same name as in configuration upload information for the
5. Import Authentication Card Certificates onto the switch prior to configuration download.
Fabric OS Encryption Administrator's Guide
53-1002159-03
The local switch configuration.
Encryption group-related configuration.
Encryption group-wide configuration of Crypto Targets, disk and tape LUNs, tape pools, HA
clusters, security, and key vaults.
External certificates imported on the switch:
-
key vault certificate
-
peer node/switch certificate
-
authentication card certificate
Certificates generated internally:
-
KAC certificate
-
CP certificate
-
FIPS officer and user certificates
cryptocfg --InitNode
cryptocfg --initEE
cryptocfg --regEE
Initializing the switch generates the following internal certificates:
-
KAC certificate
-
CP certificate
-
FIPS officer and user certificates
encryption group leader node.
Configuration upload and download considerations
5
193