Hitachi AMS 2100 Hardware Manual page 233

4. Delete the path phrase (option). When you have generated the
encrypted private key in step 1 or you use the existing encrypted private
key, delete the path phrase in the following procedure. For example,
delete the path phrase after copying the private key with another name
(execution example with Unix) as follows:
cp -p privkey.pem privkey.pem.org
openssl rsa -in privkey.pem.org -out privkey.pem
5. Integrate the server certificate and private key. The array can read only
the file (hereinafter called SSL certificate file) that integrates the server
certificate and private key. Even if using the server certificate signed by
the CA, create the file integrated with the private key in the following
procedure. For example, when integrating the server certificate and
private key as "server.pem" (execution example with Unix), enter:
cat cacert.pem privkey.pem > server.pem
6. Use Navigator 2 to update the server certificate and private key. If you
update the server certificate and private key when the normal port is
invalid, you may not be able to connect it to the array when there is a
problem on the server certificate or private key. Therefore, be sure to
enable the normal port and update it.
a. To enable the normal port, connect the port to the array from the
secure port and select the secure LAN icon in the security tree. The
secure LAN window is displayed.
b. When the normal port status is invalid, click Change Non-secure
Port Status as shown above. The Change Non Secure Port Status
Dialog box is displayed.
c. As shown in the following figure, check Enable non secure port of
controller0 and Enable non secure port of controller1. Then
click OK. This enables the normal ports.
Hitachi AMS 2100/2300 Storage System Hardware Guide
Configuration
7–51