Steps for connecting to an eskm/skm appliance, Steps, For connecting to an eskm/skm appliance – Brocade Network Advisor SAN User Manual v12.1.0 User Manual
Page 643: Lkm/sskm key vault deregistration
Brocade Network Advisor SAN User Manual
595
53-1002948-01
Steps for connecting to an ESKM/SKM appliance
20
LKM/SSKM key vault deregistration
Deregistration of either the primary or secondary LKM/SSKM key vault from an encryption switch
or blade is allowed independently.
•
Deregistration of Primary LKM/SSKM: You can deregister the Primary LKM/SSKM from an
encryption switch or blade without deregistering the backup or secondary LKM/SSKM for
maintenance or replacement purposes. However, when the primary LKM/SSKM is
deregistered, key creation operations will fail until either the primary LKM/SSKM is
reregistered, or the secondary LKM/SSKM is deregistered and reregistered as the primary
LKM/SSKM.
When the primary LKM/SSKM is replaced with a different LKM/SSKM, you must first
synchronize the DEKs from the secondary LKM/SSKM before reregistering the primary
LKM/SSKM.
•
Deregistration of Secondary LKM/SSKM: You can deregister the secondary LKM/SSKM
independently. Future key operations will use only the primary LKM/SSKM until the secondary
LKM/SSKM is reregistered on the encryption switch or blade.
When the secondary LKM/SSKM is replaced with a different LKM/SSKM, you must first
synchronize the DEKs from the primary LKM/SSKM before reregistering the secondary
LKM/SSKM.
Steps for connecting to an ESKM/SKM appliance
The ESKM/SKM management web console can be accessed from any web browser with Internet
access to the ESKM/SKM appliance. The URL for the appliance is as follows:
https://
Where:
-
is the hostname or IP address when installing the ESKM/SKM
appliance.
-
is 9443 by default. If a different port number was specified
when installing the ESKM/SKM appliance, use that port number.
The following configuration steps are performed from the ESKM/SKM management web console
and from the Management application:
•
Configure a Brocade group on the ESKM/SKM. Refer to
“Configuring a Brocade group on
•
Register the Brocade group user name and password on the encryption node. Refer to
“Registering the ESKM/SKM Brocade group user name and password”
•
Set up a local CA on the ESKM/SKM. Refer to
“Setting up the local Certificate Authority (CA) on
•
Download the CA certificate. Refer to
“Downloading the local CA certificate from ESKM/SKM”
•