Deregistering a dpm key vault – Brocade Fabric OS Encryption Administrator’s Guide Supporting RSA Data Protection Manager (DPM) Environments (Supporting Fabric OS v7.2.0) User Manual
Page 310

290
Fabric OS Encryption Administrator’s Guide (DPM)
53-1002922-01
Deregistering a DPM key vault
6
30. Verify that defzone is set as no access.
31. If HA cluster membership for the old Brocade Encryption Switch was in place. Do the following
for moving container movement to the new Brocade Encryption Switch.
a. Replace the old EE with the new EE using the following command on the group leader.
Admin:switch> cryptocfg -–replace
b. Issue commit.
Admin:switch> cryptocfg --commit
c. Replace the HAC membership from the old EE to the new EE using the following command
on the group leader.
Admin:switch> cryptocfg –-replace –haclustermember
of Old BES>
d. Issue commit.
Admin:switch> cryptocfg –-commit
e. If “manual” failback was set on the HA cluster, you must manually fail back the LUNs
owned by the newly replaced Brocade Encryption Switch.
32. If HA cluster membership for the old Brocade Encryption Switch was not in place. Do the
following for moving container to the New BES.
a. Replace the old EE with the new EE using following command on the group leader.
Admin:switch> cryptocfg -–replace
b. Issue commit.
Admin:switch> cryptocfg --commit
33. Check the EG state using the following command to ensure that the entire EG is in a converged
and In Sync state.
Admin:switch> cryptocfg –-show –groupcfg
Deregistering a DPM key vault
Each Brocade Encryption Switch is associated with an identity and a client on the DPM 3.2 server.
Before reregistering the DPM server on the Brocade Encryption Switch, make sure the previous
client entry is removed from the DPM server.
You can identify the client name of the Brocade Encryption Switch on the DPM Key Vault using the
cryptocfg
--
show
-
groupcfg command, which displays the Client Username. A sample output is
provided.
SecurityAdmin:switch> cryptocfg --show -groupcfg
Primary Key Vault:
IP address: 10.11.1.111 Certificate ID: RSA
Certificate label: dpm
State: Connected