.
FIGURE 195
2. Select Load from File and browse to the location on your client PC that contains the
Steps for connecting to an LKM/SSKM appliance
The NetApp KeySecure Lifetime Key Manager (LKM) and Storage Secure Key Manager (SSKM)
reside on an FIPS 140-2 Level 3-compliant network appliance. The encryption engine and
LKM/SSKM appliance communicate over a trusted link. A trusted link is a secure connection
established between the Fabric OS encryption switch or blade and the NetApp LKM/SSKM
appliance, using a shared secret called a link key. One link key per encryption switch is established
with each LKM/SSKM appliance; only one link key is established with each LKM/SSKM appliance
and shared between the blades.
The following configuration steps are performed from the NetApp DataFort Management Console
(DMC) and from the Management application:
1. Obtain and import the LKM/SSKM certificate. Refer to
2. Export and register encryption node certificates on LKM/SSKM. Refer to
3. Install and launch the NetApp DataFort Management Console. Refer to
4. Establish the trusted link. Refer to
Brocade Network Advisor SAN User Manual
53-1002696-01
Encryption Group Properties with Key Vault Certificate
downloaded CA certificate in .pem format.
LKM/SSKM certificate"
on page 550.
registering the switch KAC certificates on LKM/SSKM"
DataFort Management Console"
Steps for connecting to an LKM/SSKM appliance
"Obtaining and importing the
on page 551.
on page 551.
"Establishing the trusted link"
20
"Exporting and
"Launching the NetApp
on page 552.
549