Obtaining And Importing The Lkm/Sskm Certificate - Brocade Communications Systems StoreFabric SN6500B User Manual
Brocade network advisor san user manual v12.0.0 (53-1002696-01, march 2013)
Hide thumbs
Also See for StoreFabric SN6500B:
- Command reference manual (1168 pages) ,
- Reference (934 pages) ,
- Reference manual (370 pages)
Table of Contents
Advertisement
20
Steps for connecting to an LKM/SSKM appliance
5. If required, create an LKM/SSKM cluster for high availability. Refer to
Additional information for consideration is discussed in the following sections:
•
•
•
Obtaining and importing the LKM/SSKM certificate
Certificates must be exchanged between the LKM/SSKM appliance and the encryption switch to
enable mutual authentication. You must obtain a certificate from the LKM/SSKM appliance and
import it into the encryption group leader. The encryption group leader exports the certificate to
other encryption group members.
To obtain and import an LKM/SSKM certificate, complete the following steps:
1. Open an SSH connection to the NetApp LKM/SSKM appliance and log in.
2. Add the group leader to the LKM/SSKM key sharing group. Enter lkmserver add
3. On the NetApp LKM appliance terminal, enter sys cert getcert-v2 to display the LKM certificate
4. Copy and paste the LKM/SSKM certificate content from the NetApp LKM/SSKM appliance
550
high availability deployment"
"Disk keys and tape pool keys (Brocade native mode support)"
"Tape LUN and DF -compatible tape pool support"
"LKM/SSKM key vault deregistration"
host$ssh admin@10.33.54.231
admin@10.33.54.231's password:
Copyright (c) 2001-2009 NetApp, Inc.
All rights reserved
+--------------------------------+
| NetApp Appliance Management CLI |
|
Authorized use only!
+--------------------------------+
Cannot read termcapdatabase;
using dumb terminal settings.
Checking system tamper status:
No physical intrusion detected.
third-party
key-sharing-group "/" followed by the group leader IP address.
--
lkm-1>lkmserver add --type third-party --key-sharing-group \
"/" 10.32.244.71
NOTICE: LKM Server third-party 10.32.244.71 added.
Cleartext connections not allowed.
content.
lkm-1> sys cert getcert-v2
-----BEGIN CERTIFICATE-----
[content removed]
-----END CERTIFICATE-----
terminal into an editor buffer. Save the file as lkmcert.pem on the SCP-capable host. Save the
entire certificate, including the lines
CERTIFICATE-----.
on page 552.
on page 553
on page 554
|
-----BEGIN CERTIFICATE-----
"LKM/SSKM key vault
on page 553
--
and
-----END
Brocade Network Advisor SAN User Manual
53-1002696-01
type
- Quick Links:
- Viewing Port Status
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
