beautypg.com

The browser – Brocade Fabric OS Administrators Guide (Supporting Fabric OS v7.3.0) User Manual

Page 182

background image

For example, certificates that contain lines similar to the following are usually .pem encoded:

"----BEGIN REQUEST----" and "----END REQUEST---- (and may include the strings

"x509" or "certificate")

• For Certificate Authorities that request information regarding the type of web server, Fabric OS uses

the Apache web server running on Linux.

• If you try to import certificates of different sizes for a given switch, the import fails. If this happens,

remove the previous certificate and then import the new certificate.

Use the following procedure to install a security certificate on a switch.

NOTE
You must perform this procedure on each switch.

1. Connect to the switch and log in using an account with admin permissions.
2. Enter the secCertUtil import command.
3. Select a protocol, enter the IP address of the host on which the switch certificate is saved, and enter

your login name and password.

Example of installing a switch certificate in interactive mode

switch:admin> seccertutil import -config swcert -enable https

Select protocol [ftp or scp]: ftp

Enter IP address: 192.10.11.12

Enter remote directory: path_to_remote_directory

Enter certificate name (must have ".crt", ".cer", \

".pem" or ".psk" suffix): 192.1.2.3.crt

Enter Login Name: your_account

Enter Password: *****

Success: imported certificate [192.1.2.3.crt].

Example of installing a switch certificate in noninteractive mode

switch:admin> seccertutil import -config swcert -enable https \

-protocol ftp -ipaddr 192.10.11.12 -remotedir path_to_remote_directory \

-certname 192.1.2.3.crt -login your_account -password passwd

Success: imported certificate [192.1.2.3.crt].

Certificate file in configuration has been updated.

Secure http has been enabled.

Example of installing a common certificate in non-interactive mode

switch:admin> seccertutil import -commonswcert -config swcert -enable https -

protocol scp -ipaddr 192.10.11.12 -remotedir

path_to_remote_directory -login cert -certname 192.1.2.3.pem

The browser

The root certificate may already be installed on your browser, if not, you must install it. To see whether
it is already installed, check the certificate store on your browser.

The next procedures are guides for installing root certificates to Internet Explorer and Mozilla Firefox
browsers. For more detailed instructions, refer to the documentation that came with the certificate.

Checking and installing root certificates on Internet Explorer

Use the following procedure to check and install a root security certificate on a switch using IE:

The browser

182

Fabric OS Administrators Guide

53-1003130-01

See also other documents in the category Brocade Computer Accessories: