Configuring Blade Processor Links; Encryption Node Initialization And Certificate Generation - Brocade Communications Systems StoreFabric SN6500B Administrator's Manual

2

Encryption node initialization and certificate generation

Configuring blade processor links

To configure blade processor links, complete the following steps:
1. Select Configure > Encryption from the menu task bar to display the Encryption Center
2. Select the encryption engine from the Encryption Center Devices table, then select Engine >
FIGURE 9
3. Enter the link IP address and mask, and the gateway IP address.
4. Click OK.

Encryption node initialization and certificate generation

When an encryption node is initialized, the following security parameters and certificates are
generated:
From the standpoint of external SAN management application operations, the FIPS crypto officer,
FIPS user, and node CP certificates are transparent to users. The KAC certificates are required for
operations with key managers. In most cases, KAC certificate signing requests must be sent to a
Certificate Authority (CA) for signing to provide authentication before the certificate can be used. In
all cases, signed KACs must be present on each switch.
28
dialog box. (Refer to Figure 1
Blade Processor Link from the menu task bar to display the Blade Processor Link dialog box
(Figure 9).
Blade Processor Link dialog box
•
Eth0 IP /Mask identifies the Ge0 interface IP address and mask.
•
Eth1 IP /Mask identifies the Ge1 interface IP address and mask.
•
The Gateway IP address is optional.
•
FIPS crypto officer
•
FIPS user
•
Node CP certificate
•
A signed Key Authentication Center
•
A KAC Certificate Signing Request (CSR)
on page 14.)
KAC) certificate
(
Fabric OS Encryption Administrator's Guide (SKM/ESKM)
53-1002721-01