beautypg.com

Replacing the default secure-site certificate, Replacing the default secure-site, Certificate – Brocade 6910 Ethernet Access Switch Configuration Guide (Supporting R2.2.0.0) User Manual

Page 930

background image

874

Brocade 6910 Ethernet Access Switch Configuration Guide

53-1002651-02

42

Configuring HTTPS

Replacing the Default Secure-site Certificate

Use the Security > HTTPS (Copy Certificate) page to replace the default secure-site certificate.

When you log onto the web interface using HTTPS (for secure access), a Secure Sockets Layer (SSL)
certificate appears for the switch. By default, the certificate that the web browser displays will be
associated with a warning that the site is not recognized as a secure site. This is because the
certificate has not been signed by an approved certification authority. If you want this warning to be
replaced by a message confirming that the connection to the switch is secure, you must obtain a
unique certificate and a private key and password from a recognized certification authority.

CAUTION
For maximum security, we recommend you obtain a unique Secure Sockets Layer certificate at
the earliest opportunity. This is because the default certificate for the switch is not unique to the
hardware you have purchased.

When you have obtained these, place them on your TFTP server and transfer them to the switch to
replace the default (unrecognized) certificate with an authorized one.

NOTE

The switch must be reset for the new certificate to be activated. To reset the switch, see

“Resetting

the System”

on page 697 or type “reload” at the command prompt:

Console

#

reload

CLI References

“Web Server”

on page 159

Parameters
These parameters are displayed:

TFTP Server IP Address – IP address of TFTP server which contains the certificate file.

Certificate Source File Name – Name of certificate file stored on the TFTP server.

Private Key Source File Name – Name of private key file stored on the TFTP server.

Private Password – Password stored in the private key file. This password is used to verify
authorization for certificate use, and is verified when downloading the certificate to the switch.

Confirm Password – Re-type the string entered in the previous field to ensure no errors were

made. The switch will not download the certificate if these two fields do not match.

Interface
To replace the default secure-site certificate:

1. Click Security, HTTPS.

2. Select Copy Certificate from the Step list.

3. Fill in the TFTP server, certificate and private key file name, and private password.

4. Click Apply.

See also other documents in the category Brocade Computer Accessories: