beautypg.com

Enabling ssl on the key management system (kms), Server – Brocade Fabric OS Encryption Administrator’s Guide Supporting HP Secure Key Manager (SKM) and HP Enterprise Secure Key Manager (ESKM) Environments (Supporting Fabric OS v7.2.0) User Manual

Page 54

background image

34

Fabric OS Encryption Administrator’s Guide (SKM/ESKM)

53-1002923-01

Steps for connecting to an ESKM/SKM appliance

2

10. Click Sign Request.

11. Enter the required data in the Sign Certificate Request section of the window.

-

Select the CA name from the Sign with Certificate Authority drop-down list.

-

Select Server as the Certificate Purpose.

-

Enter the number of days before the certificate must be renewed based on your site's
security policies. The default value is 3649 or 10 years.

12. Paste the copied certificate request data into the Certificate Request box.

13. Click Sign Request.

The signed certificate request data displays under Sign Certificate Request.

14. Click Download to download the signed certificate to your local system.

15. Copy the signed certificate data, from

-----

BEGIN to END

-----

lines. Be careful to exclude

extra carriage returns or spaces after the data.

16. From the Security tab select Certificates under Certificates & CAs.

17. Select the server certificate name you just created from the certificate list, and select

Properties.

The Certificate Request Information window displays.

18. Click Install Certificate.

The Certificate Installation window displays.

19. Paste the signed certificate data you copied under Certificate Response, then click Save.

The status of the server certificate should change from Request Pending to Active.

Enabling SSL on the Key Management System (KMS) Server

The KMS Server provides the interface to the client. Secure Sockets Layer (SSL) must be enabled
on the KMS Server before this interface will operate. After SSL is enabled on the first appliance, it
will be enabled automatically on the other cluster members.

To configure and enable SSL, complete the following steps:

1. Select the Device tab.

2. In the Device Configuration menu, click KMS Server to display the Key Management Services

Configuration window.

3. In the KMS Server Settings section of the window, click Edit.

4. Configure the KMS Server Settings. Ensure that the port and connection timeout settings are

9000 and 3600, respectively. For Server Certificate, select the name of the certificate you
created in

“Creating and installing the ESKM/SKM server certificate”

on page 33.

5. Click Save.

See also other documents in the category Brocade Computer Accessories: