Update Sed Authentication Key - Fujitsu ETERNUS DX60 S3 User Manual
Disk storage systems
Hide thumbs
Also See for ETERNUS DX60 S3:
- User manual (423 pages) ,
- Configuration manual (160 pages) ,
- Operation manual (88 pages)
Table of Contents
Advertisement
Chapter 1 System Management
1.11 Key Management
1.11.8
Update SED Authentication Key
This function updates the key in the key group. Updating of the key is performed in the following ways:
•
When no key is registered in the key group, a key that has not expired is obtained from the key server.
•
When the key is valid and has not expired, this key is replaced with a new key from the key server.
The ETERNUS DX S3 series monitors the key on a regular basis and automatically replaces an expired key with
a new key. This function is used when a new key is required before the key expiration date has been reached
because the user loses the SEDs that were disconnected for maintenance. This function asks whether to use
the current key again when replacing the key.
•
Replacing a key is only available when the master server is registered. Check the registration status of the
master server in the [Key Group] screen. To replace the key, register the master server in advance. Refer to
"1.11.7 Modify Key Group" (page 174)
•
The key is updated only when communication with the master server is normal.
•
If no key is registered in the key group, an error occurs when the first update of the key is performed. In
this case, register the SSL certificate of the ETERNUS DX S3 series in the key server, accept access from the
ETERNUS DX S3 series, and then update the key again. The key status changes to "Normal". An SSL certifi-
cate of the ETERNUS DX S3 series indicates a "self-signed SSL certificate" or an "SSL server certificate".
•
The key can only be updated when the SEDs that configure the RAID groups in the key group are in the
normal status. If there are SEDs without normal status in the RAID group, make sure to perform
maintenance for these SEDs in advance. If the key is updated before required maintenance is performed
for the SEDs, the RAID group status changes to "
is not complete (the key status of the key group is not changed from "Modifying"). Updating of the key is
complete after performing the SED maintenance and the status of all the RAID groups has returned to
"
Available" (the key status of the key group has changed to "Normal").
•
If the RAID groups in the key group are blocked (the status is "
not changed to "
the key. Refer to
•
When "Disabled Key" is selected for "Current Key", make sure to compromise (*1) the key in the key server
by using CLI for the key server. Note that GUI for the key server does not support the key compromising
function.
*1:
The key becomes unavailable in the key server.
•
This function can be used to replace a key when the expiration date of the key is set to "Unlimited".
•
This function can also be used to update the key in a key group in which no RAID groups are registered.
For details on the parameters for this function, refer to
For the factory default settings for this function, refer to
984).
for details.
Available" even after the key is updated. Make sure to recover SEDs before updating
"5.9 Recovery SED" (page 554)
176
ETERNUS Web GUI User's Guide (Settings)
Copyright 2015 FUJITSU LIMITED
Exposed" and updating of the key for the RAID group
SED Locked"), the RAID group status is
for details.
"A.1.10.6 Update SED Authentication Key" (page
"Appendix B Update SED Authentication Key" (page
760).
P2X0-1270-13ENZ0
- Quick Links:
- Initial Setup
Hide quick links:
Advertisement
Table of Contents
