Rkm Appliance - Brocade Communications Systems Brocade BladeSystem 4/24 User Manual
Supporting dcfm 10.4.x
Hide thumbs
Also See for Brocade BladeSystem 4/24:
- User manual (830 pages) ,
- Command reference manual (894 pages) ,
- Documentation update (271 pages)
Table of Contents
Advertisement
20
Uploading the KAC and CA certificates onto the RKM appliance
Uploading the KAC and CA certificates onto the RKM appliance
After an encryption group is created, you need to install the switch public key certificate (KAC
certificate) and signing authority certificate (CA certificate) on the RKM appliance.
1. Start a web browser, and connect to the RKM appliance setup page. You will need the URL, and
2. Select the Operations tab.
3. Select Certificate Upload.
4. In the SSLCAcertificateFile field, enter the full local path of the CA certificate. Do not use the
5. Select Upload, Configure SSL, and Restart Webserver.
6. After the web server restarts, enter the root password.
7.
8. Select the Key Classes tab. For each of the following key classes, perform steps a. through h. to
506
have the proper authority level, a user name, and a password.
UNC naming convention format.
Open another web browser window, and start the RSA management user interface.
You will need the URL, and have the proper authority level, a user name, and a password.
NOTE
The Identity Group name used in the next step may not exist in a freshly installed RKM. To
establish an Identity Group name, click the Identity Group tab, and create a name. The name
Hardware Retail Group is used as an example in the following steps.
create the class. The key classes must be created only once, regardless of the number of
nodes in your encryption group and regardless of the number of encryption groups that will be
sharing this RKM.
kcn.1998-01.com.brocade:DEK_AES_256_XTS
kcn.1998-01.com.brocade:DEK_AES_256_CCM
kcn.1998-01.com.brocade:DEK_AES_256_GCM
kcn.1998-01.com.brocade:DEK_AES_256_ECB
a. Click Create.
b. Type the key name string into the Name field.
c.
Select Hardware Retail Group for Identity Group.
d. Deselect Activated Keys Have Duration.
e. Select AES for Algorithm.
f.
Select 256 for Key Size.
g.
Select the Mode for the respective key classes as follows:
XTS for Key Class "kcn.1998-01.com.brocade:DEK_AES_256_XTS"
CBC for Key Class "kcn.1998-01.com.brocade:DEK_AES_256_CCM"
CBC for Key Class "kcn.1998-01.com.brocade:DEK_AES_256_GCM"
ECB for Key Class "kcn.1998-01.com.brocade:DEK_AES_256_ECB"
h. Click Next.
DCFM Enterprise User Manual
53-1001775-01
Advertisement
Chapters
Table of Contents
Troubleshooting
