Provisioning Self-Sign Certificates; Configuring Ssl For Cisco Sme - Cisco AJ732A - MDS 9134 Fabric Switch Configuration Manual
Cisco mds 9000 family storage media encryption configuration guide - release 4.x (ol-18091-01, february 2009)
Hide thumbs
Also See for AJ732A - Cisco MDS 9134 Fabric Switch:
- Command reference manual (1640 pages) ,
- Configuration manual (700 pages) ,
- Messages manual (518 pages)
Table of Contents
Advertisement
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Provisioning Self-Sign Certificates
The Secure Socket Layer (SSL) protocol secures the network communication and allows data to be
encrypted before transmission and provides security. Many application servers and Web servers support
the use of keystores for SSL configuration.
This appendix also includes information on how to select the RSA Key Manager.
This appendix includes the following sections:
•
•
•
Configuring SSL for Cisco SME
A certificate is an electronic document that you use to identify a server, a company, or some other entity
and to associate that identity with a public key.
Certificate authority (CA) are entities that validate identities and issue certificates. The certificate that
the CA issues binds a particular public key to the name of the entity that the certificate identifies (such
as the name of a server or device). Only the public key that the certificate certifies works with the
corresponding private key that is possessed by the entity that the certificate identifies. Certificates help
prevent the use of fake public keys for impersonation.
You must install a third-party tool such as the OpenSSL application to generate a certificate request. In
Windows, by default, openssl.exe is located at c:\openssl\bin.
Before configuring the SSL, consider the following:
•
•
•
This section describes the following topics:
•
•
OL-18091-01, Cisco MDS NX-OS Release 4.x
Configuring SSL for Cisco SME, page C-1
Generating and Installing Self-Signed Certificates, page C-4
Editing SSL Settings in Cisco Fabric Manager Web Client, page C-6
Ensure that the time in all the switches, Fabric Manager server and the system running the OpenSSL
commands, are all synchronized.
Provide different identities for the CA certificate and KMC certificate.
Only JRE1.6 JAVA keytool is supported for importing PKCS12 certificates to Java Keystores (JKS)
files.
Creating CA Certificates, page C-2
Generating KMC Certificate, page C-4
A P P E N D I X
Cisco MDS 9000 Family Storage Media Encryption Configuration Guide
C
C-1
Advertisement
Table of Contents
Troubleshooting
