Understanding configuration status results, Figure 24, Instructions – Brocade Fabric OS Encryption Administrator’s Guide Supporting HP Secure Key Manager (SKM) and HP Enterprise Secure Key Manager (ESKM) Environments (Supporting Fabric OS v7.2.0) User Manual
Page 70
50
Fabric OS Encryption Administrator’s Guide (SKM/ESKM)
53-1002923-01
Creating an encryption group
2
FIGURE 24
Next Steps dialog box
14. Review post-configuration instructions, which you can copy to a clipboard or print for later.
15. Click Finish to exit the Configure Switch Encryption wizard.
“Understanding configuration status results”
Understanding configuration status results
After configuration of the encryption group is completed, Brocade Network Advisor sends API
commands to verify the switch configuration. The CLI commands are detailed in the encryption
administrator’s guide for your key vault management system.
1. Initialize the switch. If the switch is not already in the initiated state, Brocade Network Advisor
performs the cryptocfg
--
initnode command.
2. Create an encryption group on the switch. Brocade Network Advisor creates a new group using
the cryptocfg
--
create
-
encgroup command, and sets the key vault type using the cryptocfg
--
set
-
keyvault command.
3. Register the key vault. Brocade Network Advisor registers the key vault using the cryptocfg
--
reg keyvault command.
4. Enable the encryption engines. Brocade Network Advisor initializes an encryption switch using
the cryptocfg
--
initEE [
--
regEE [
5. Create a new master key. (Opaque key vaults only). Brocade Network Advisor checks for a new
master key. New master keys are generated from the Security tab located in the Encryption
Group Properties dialog box.
6. Save the switch’s public key certificate to a file. Brocade Network Advisor saves the KAC
certificate in the specified file.