beautypg.com

Downloading the local ca certificate from eskm/skm, Creating and installing the, Eskm/skm server certificate – Brocade Fabric OS Encryption Administrator’s Guide Supporting HP Secure Key Manager (SKM) and HP Enterprise Secure Key Manager (ESKM) Environments (Supporting Fabric OS v7.2.0) User Manual

Page 53

background image

Fabric OS Encryption Administrator’s Guide (SKM/ESKM)

33

53-1002923-01

Steps for connecting to an ESKM/SKM appliance

2

5. Under Certificates & CAs, select Trusted CA Lists to display the Trusted Certificate Authority List

Profiles.

6. Click on Default under Profile Name.

7. In the Trusted Certificate Authority List, click Edit.

8. From the list of Available CAs in the right panel, select the CA you just created.

Repeat these steps any time another local CA is needed.

Downloading the local CA certificate from ESKM/SKM

The local CA certificate you created using the procedure for

“Setting up the local Certificate

Authority (CA) on ESKM/SKM”

on page 32 must be saved to your local system. Later, this certificate

must be imported onto the Brocade encryption group leader nodes.

1. From the Security tab, select Local CAs under Certificates and CAs.

2. Select the CA certificate you created and click Download, then save the certificate file on your

local system.

3. Rename the downloaded file, changing the .cert extension to a .pem extension.

Creating and installing the ESKM/SKM server certificate

To create the ESKM/SKM server certificate, complete the following steps:

1. Click the Security tab.

2. Under Certificates and CAs, select Certificates.

3. Enter the required information under Create Certificate Request.

-

Enter a Certificate Name and Common Name. The same name may be used for both.

-

Enter your organizational information.

-

Enter the E-mail Address where you want messages to the Security Officer to go.

-

Enter the Key Size. HP recommends using the default value: 1024.

4. Click Create Certificate Request.

Successful completion is indicated when the new entry for the server certificate displays on the
Certificate List with a Certificate Status of Request Pending.

5. Select the newly created server certificate from the Certificate List.

6. Select Properties.

The pending request displays under Certificate Request Information.

7. Copy the certificate data from

-----

BEGIN CERTIFICATE REQUEST

-----

to

-----

END

CERTIFICATE REQUEST

--–––

lines. Be careful to exclude extra carriage returns or spaces after

the data.

8. Under Certificates & CAs, select Local CAs.

The Certificate and CA Configuration page is displayed.

9. From the CA Name column, select the name of the local CA you just created in

“Setting up the

local Certificate Authority (CA) on ESKM/SKM”

on page 32.

See also other documents in the category Brocade Computer Accessories: