Brocade Communications Systems StoreFabric SN6500B Administrator's Manual page 169
Brocade fabric os encryption administrator's guide v7.1.0 (53-1002721-01, march 2013)
Hide thumbs
Also See for StoreFabric SN6500B:
- User manual (1505 pages) ,
- Command reference manual (1168 pages) ,
- Reference (934 pages)
Table of Contents
Advertisement
NOTE
If the maximum number of certificates is exceeded, the following message is displayed.
Maximum number of certificates exceeded.
'cryptocfg –delete –file' command and then try again
6. Enter the cryptocfg
7.
8. Display encryption group member information. This example shows the encryption group
Fabric OS Encryption Administrator's Guide (SKM/ESKM)
53-1002721-01
show
--
imported all necessary certificates.
The following example shows the member node CP certificate that was imported earlier to the
group leader.
SecurityAdmin:switch> cryptocfg --show -file -all
File name: enc_switch1_cp_cert.pem, size: 1338 bytes
On the group leader, register each node you are planning to include in the encryption group.
Enter the cryptocfg
reg
--
the member node. Specify the member node's WWN, Certificate filename, and IP address
when executing this command. Successful execution of this command distributes all
necessary node authentication data to the other members of the group.
SecurityAdmin:switch> cryptocfg --reg -membernode \
10:00:00:05:1e:39:14:00 enc_switch1_cert.pem 10.32.244.60
Operation succeeded.
NOTE
The order in which member node registration is performed defines group leader succession. At
any given time there is only one active group leader in an encryption group. The group leader
succession list specifies the order in which group leadership is assumed if the current group
leader is not available.
brocade with two member nodes, one group leader and one regular member. No key vault or
HA cluster is configured, and the values for master key IDs are zero.
SecurityAdmin:switch> cryptocfg --show -groupmember -all
NODE LIST
Total Number of defined nodes:2
Group Leader Node Name:
Encryption Group state:
Node Name:
State:
Role:
IP Address:
Certificate:
Current Master Key State:
Current Master KeyID:
Alternate Master Key State:Not configured
Alternate Master KeyID:
EE Slot: 0
SP state:
Current Master KeyID:
Alternate Master KeyID:
No HA cluster membership
Steps for connecting to an SKM or ESKM appliance
Delete an unused certificate with the
file
all command on the group leader to verify that you have
-
-
membernode command with appropriate parameters to register
-
10:00:00:05:1e:41:9a:7e
CLUSTER_STATE_CONVERGED
10:00:00:05:1e:41:9a:7e (current node)
DEF_NODE_STATE_DISCOVERED
GroupLeader
10.32.244.71
GL_cpcert.pem
Not configured
00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Operational; Need Valid KEK
00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
.
3
151
Advertisement
Table of Contents
Troubleshooting
Related Manuals for Brocade Communications Systems StoreFabric SN6500B
Related Products for Brocade Communications Systems StoreFabric SN6500B
- Brocade Communications Systems SN3000B
- Brocade Communications Systems FastIron SX 800
- Brocade Communications Systems FastIron SX 1600
- Brocade SX 800
- Brocade SX 1600
- Brocade Communications Systems ServerIron ADX
- Brocade Communications Systems Slim Rail Rack Mount
- Brocade Communications Systems SilkWorm 2000
- Brocade Communications Systems SI1000
- Brocade Communications Systems SI1000F
- Brocade Communications Systems SI4000
- Brocade Communications Systems SI10000
- Brocade Communications Systems Brocade 8/12c
- Brocade Communications Systems Brocade 8/24c
- Brocade Communications Systems Brocade BladeSystem 4/12
- Brocade Communications Systems Brocade BladeSystem 4/24