Exporting the tklm self-signed server certificate, Exporting the tklm, Self-signed server certificate – Brocade Network Advisor SAN + IP User Manual v12.3.0 User Manual
Page 1096
1024
Brocade Network Advisor SAN + IP User Manual
53-1003155-01
Steps for connecting to a TKLM appliance
25
Exporting the TKLM self-signed server certificate
The TKLM self-signed server certificate must be exported in preparation for importing and
registering the certificate on a Fabric OS encryption Group Leader node.
1. Enter the TKLM server wsadmin CLI.
For Linux (in ./wsadmin.sh):
-password
For Windows:
TKLMAdmin -password
2. Check the certificate list using the following command:
print AdminTask.tklmCertList('[]')
The listing will contain the UUID for all certificates. Use the UUID of the server certificate to
export the server certificate from the database to the file system.
print AdminTask.tklmCertExport('[
-uuid
-fileName
3. Exit the wsadmin CLI
After export, the TKLM server certificate is at the following location:
For LINUX:
For Windows:
4. Transfer the TKLM certificate that was previously exported into the TKLM server file system to
the BNAManagement application host using any binary file transfer mechanism via SCP, USB,
or FTP.
Importing the TKLM certificate into the group leader
The TKLM certificate must be imported from the location on the host to the encryption Group
Leader node. The encryption Group Leader exports the certificate to group member switches.
1. Select Configure > Encryption from the menu task bar to display the Encryption Center
dialog box. (Refer to
Figure 376
on page 976.)
2. Select a switch from the Encryption Center Devices table, then select Switch > Import
Certificate from the menu task bar.
The Import Signed Certificate dialog box displays. (Refer to
Figure 396
.)