Brocade Virtual ADX Security Guide (Supporting ADX v03.1.00) User Manual

53-1003250-01

Configuring SSL on a Brocade Virtual ADX

Windows users
GUI-based SCP tools do not work in the current environment when you use SCP to transfer the
certificate files to the Brocade Virtual ADX. Windows users should use PSCP, a free SCP utility
based on the PuTTY SSH client. Run this utility from the Windows command prompt, as in the following commands:

C:\images>pscp first.cer [email protected]:sslcert:bs:pem

C:\images>pscp second.cer [email protected]:sslcert:bs:pem

To upload a key-pair to a Brocade Virtual ADX:

Syntax: pscp key-pair-file-name user@SI_IP_Addr:sslkeypair:filename-on-SI:password:format

To download a key-pair from a Brocade Virtual ADX:

Syntax: pscp user@SI_IP_Addr:sslkeypair:filename-on-SI:password:format key-pair-file-name

To upload a certificate file to a Brocade Virtual ADX:

Syntax: pscp cert-file-name user@SI_IP_Addr:sslcert:filename-on-SI:format

To download a certificate file from the Brocade Virtual ADX:

Syntax: pscp user@SI_IP_Addr:sslcert:filename-on-SI:format cert-file-name

Example:

The following example uploads a certificate file named "first.cer" to a Brocade Virtual ADX and
saves it with the name "bs" in pem format:

C:\images>pscp first.cer [email protected]:sslcert:bs:pem

Transferring a keypair file and a certificate file
For a Brocade Virtual ADX to recognize the incoming file type, the filename must be in a specific
format. With the correct format, you can describe the file type, file name, password, and format.

The name is divided into fields, which are separated by colons (:). The following fields are used:

File type - Determines whether the file contains a key pair or a certificate. The sslcert keyword
is used for a certificate. The sslkeypair keyword is used for a key pair.

File name - The file name on the Brocade Virtual ADX secondary memory. The name cannot be
more than 25 characters for the key pair file and 32 characters for the certificate file.

Password - Required only for a keypair file. It is not used for certificate files. The
password cannot be more than 64 characters.

Format - Describes the format of the file. It can either be pem or pkcs12.

Based on these rules, use the following syntax to upload a file to Brocade Virtual ADX:

Syntax: scp source-file username@SI_IP_Addr:filetype:filename:password:format

NOTE

You do not need the password field for PEM format certificate files.

For example, suppose a keypair file, "myrsakeys", needs to be uploaded to the Brocade Virtual ADX,
its password is "brocade", and it is in PEM format. The SCP server is already enabled on the
Brocade Virtual ADX and a user "admin" has already been created.

To configure this scenario, use the following command:

c:\ scp myrsakeys.pem admin@ip_addr:sslkeypair:myrsakeys:brocade:pem
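
The field rules above can be checked before a transfer is attempted. The following is an added example, not part of the Brocade guide: a Python helper that builds the remote target string and rejects values that break the stated limits. The function names, the address 192.0.2.10 used when calling it, the mandatory key pair password, and the rejection of colons inside a field are assumptions of this example.

```python
# Added example (not from the Brocade guide): build and validate the remote
# target "user@host:filetype:filename[:password]:format" from the field rules
# stated on this page.
FILE_TYPES = {"sslcert": 32, "sslkeypair": 25}  # keyword -> max file name length
FORMATS = ("pem", "pkcs12")
MAX_PASSWORD = 64


def build_target(user, host, file_type, name, fmt, password=None):
    """Return the colon-separated SCP target, or raise ValueError."""
    if file_type not in FILE_TYPES:
        raise ValueError("file type must be sslcert or sslkeypair")
    if fmt not in FORMATS:
        raise ValueError("format must be pem or pkcs12")
    limit = FILE_TYPES[file_type]
    if not name or len(name) > limit:
        raise ValueError(f"{file_type} file name must be 1-{limit} characters")
    fields = [file_type, name]
    if file_type == "sslkeypair":
        # Assumption: the password is treated as mandatory for a key pair,
        # because both key pair syntax lines on the page include it.
        if not password or len(password) > MAX_PASSWORD:
            raise ValueError("key pair password must be 1-64 characters")
        fields.append(password)
    elif password is not None:
        raise ValueError("certificate files do not take a password field")
    fields.append(fmt)
    # Assumption: the guide does not say how a colon inside a field is
    # handled, so a field containing the separator is rejected, not guessed at.
    for value in [user, host] + fields:
        if ":" in value:
            raise ValueError(f"field {value!r} contains the ':' separator")
    return f"{user}@{host}:" + ":".join(fields)


def pscp_upload_argv(local_file, target):
    """Argument list for subprocess.run without a shell, so no re-parsing.

    The key pair password is still part of the target argument, so it is
    visible in the local process list and in process command-line auditing.
    """
    return ["pscp", local_file, target]
```

Because the key pair password travels inside the command argument, run the transfer from a workstation where command history and process auditing are acceptable places for that secret, or use a password created only for the transfer.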