Signing The Brocade Encryption Node Kac Certificates; Importing A Signed Kac Certificate Into A Switch - Brocade Communications Systems Brocade BladeSystem 4/24 User Manual
Supporting dcfm 10.4.x
Hide thumbs
Also See for Brocade BladeSystem 4/24:
- User manual (830 pages) ,
- Command reference manual (894 pages) ,
- Documentation update (271 pages)
Table of Contents
Advertisement
Signing the Brocade encryption node KAC certificates
The KAC certificate signing request generated when the encryption node is initialized must be
exported for each encryption node and signed by the Brocade local CA on SKM. The signed
certificate must then be imported back into the encryption node.
1. From the Encryption Center, select Switch > Export Certificate.
2. Select Public Key Certificate Request (CSR) and click OK.
3. Launch the SKM administration console in a web browser and log in.
4. Select the Security tab.
5. Select Local CAs under Certificates & CAs.
6. Under Local Certificate Authority List, select the Brocade CA name.
7.
8. Select Sign with Certificate Authority using the Brocade CA name with the maximum of 3649
9. Select Client as Certificate Purpose.
10. Allow Certificate Duration to default to 3649.
11. Paste the file contents that you copied in step 3 in the Certificate Request Copy area.
12. Select Sign Request.
13. Download the signed certificate to your local system as signed_kac_skm_cert.pem.
Importing a signed KAC certificate into a switch
After a KAC CSR has been submitted and signed by a CA, the signed certificate must be imported
into the switch.
1. From the Encryption Center, select Switch > Import Certificate.
2. Browse to the location where the signed certificate is stored.
3. Click OK.
DCFM Enterprise User Manual
53-1001775-01
The Export Switch Certificate dialog box displays.
A dialog box displays that allows you to save the CSR to your SAN Management Program client
PC.
Alternatively, you may select Switch > Properties, and click the Export button beside the Public
Key Certificate Request, or copy the CSR for pasting into the Certificate Request Copy area on
the SKM Sign Certificate Request page.
The Certificate and CA Configuration page displays.
Select Sign Request.
The Sign Certificate Request page is displayed.
days option.
Upon success, you are presented with the option of downloading the signed certificate.
This file is then ready to be imported to the encryption switch or blade.
The Import Signed Certificate dialog box displays.
The signed certificate is stored on the switch.
Signing the Brocade encryption node KAC certificates
20
519
Advertisement
Chapters
Table of Contents
Troubleshooting
