Table of Contents
Advertisement
20
Steps for connecting to an ESKM/SKM appliance
•
•
•
Setting up the local Certificate Authority (CA) on ESKM/SKM
To create and install a local CA, complete the following steps:
1. Log in to the ESKM/SKM management web console using the admin password.
2. Select the Security tab.
3. Under Certificates & CAs, click Local CAs. (Refer to
4. Enter information required by the Create Local Certificate Authority section of the window to
5. Click Create.
NOTE
Fabric OS 7.1.0 will use SHA256 signatures for the TLS certificates used to connect to the ESKM 3.0.
726
Different user names and passwords can never be used within the same encryption group, but
each encryption group may have its own user name and password.
If you change the user name and password, the keys created by the previous user become
inaccessible. The Brocade group user name and password must also be changed to the same
values on ESKM/SKM to make the keys accessible.
When storage is moved from one encryption group to another, and the new encryption group
uses a different user name and password, the Brocade group user name and password must
also be changed to the same values on ESKM/SKM to make the keys accessible.
create your local CA.
-
Enter a Certificate Authority Name and Common Name. These may be the same value.
-
Enter your organizational information.
-
Enter the Email Address to receive messages for the Security Officer.
-
Enter the Key Size. HP recommends using 2048 for maximum security.
-
Select Self-signed Root CA.
-
Enter the CA Certification Duration and Maximum User Certificate Duration. These values
determine when the certificate must be renewed and should be set in accordance with
your company's security policies. The default value for both is 3650 days or 10 years.
The new local CA displays under Local Certificate Authority List.
Figure
279.)
Brocade Network Advisor SAN User Manual
53-1003154-01
Advertisement
Chapters
Table of Contents
Troubleshooting
